PT-2025-8155 · Linux+5 · Linux Kernel+5
Lennert Buytenhek · Published 2022-02-07 · Updated 2025-09-29 · CVE-2022-49227
CVSS v3.1: 5.5 (Medium)
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions
Linux kernel (affected versions not specified)
Description
A vulnerability in the Linux kernel has been resolved. The issue occurs when changing RX ring parameters using ethtool, which triggers kernel warnings. The igc_ethtool_set_ringparam() function neglects to reset the xdp_rxq_info member before calling igc_setup_rx_resources(), resulting in a warning. This happens when the ethtool command is used to change RX ring parameters, such as $ ethtool -G eth0 rx 1024. The vulnerability is related to the igc driver and the xdp_rxq_info_reg() function.
Recommendations
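Only hosts with interfaces bound to the igc driver can hit this warning. The following shell check is an added example, not part of the original advisory; it assumes the standard sysfs layout (/sys/class/net/<iface>/device/driver), and the function names and the optional root-directory argument are hypothetical.

```shell
#!/bin/sh
# Added example: list network interfaces bound to the igc driver.
# Assumption: standard sysfs layout, where
#   /sys/class/net/<iface>/device/driver
# is a symlink to the directory of the bound driver.
# The optional first argument (hypothetical, for offline testing)
# replaces /sys with another root directory.
igc_ifaces() {
    sysfs_root="${1:-/sys}"
    for dev in "$sysfs_root"/class/net/*; do
        link="$dev/device/driver"
        # Virtual interfaces (lo, bridges, ...) have no driver link.
        [ -L "$link" ] || continue
        driver=$(basename "$(readlink "$link")")
        if [ "$driver" = "igc" ]; then
            basename "$dev"
        fi
    done
    return 0
}

# Print the running kernel release next to the result so it can be
# compared with the fixed versions in the distribution's advisory.
report() {
    found=$(igc_ifaces "$@")
    if [ -n "$found" ]; then
        echo "kernel $(uname -r): igc interfaces present:"
        echo "$found" | sed 's/^/  /'
    else
        echo "kernel $(uname -r): no igc interfaces found"
    fi
}

report
```

Interfaces listed here are the ones on which RX ring changes via ethtool -G should be deferred until the kernel is updated.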
To resolve the issue, update the Linux kernel to a version that includes the fix for this vulnerability. As a temporary workaround, consider avoiding the use of the ethtool command to change RX ring parameters until a patch is available. Additionally, restricting access to the igc driver or the xdp_rxq_info_reg() function may help minimize the risk of exploitation.
Exploit
Fix
Information Disclosure
Weakness Enumeration
Related Identifiers
Affected Products
Astra Linux
CentOS
Linux Kernel
Red Hat
SUSE
Ethtool