CVE-2022-49703

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A vulnerability in the Linux kernel has been resolved, specifically in the ibmvfc module. The issue arises from the back pointer from a queue to the vhost adapter not being set until after subcrq interrupt registration, which can lead to a crash during kexec/kdump on Power 9 with legacy XICS interrupt controller. This crash occurs when a pending subcrq interrupt from the previous kernel is replayed immediately upon IRQ registration, resulting in the dereference of a garbage backpointer in ibmvfc interrupt scsi(). The kernel attempted to read a user page, which may indicate an exploit attempt.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.