CVE-2022-49584

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A vulnerability in the Linux kernel can cause a panic when setting sriov numvfs to zero while the PF driver is processing requests from the VF driver. This issue can be triggered by disabling VFs while the PF driver is active, resulting in a kernel panic. The problem is related to the lack of locking when disabling SR-IOV, allowing process VF mailbox communication to occur simultaneously.

Recommendations To resolve this issue, add locking when disabling SR-IOV to prevent process VF mailbox communication. As a temporary workaround, consider avoiding the simultaneous disabling of VFs and processing of requests from the VF driver by the PF driver. However, the exact steps for this workaround are not provided, and thus the primary recommendation is to apply the fix that adds the necessary locking mechanism. At the moment, there is no information about a newer version that contains a fix for this vulnerability.