Description

In the Linux kernel, the following vulnerability has been resolved: ice: Fix DMA mappings leak Fix leak, when user changes ring parameters. During reallocation of RX buffers, new DMA mappings are created for those buffers. New buffers with different RX ring count should substitute older ones, but those buffers were freed in ice_vsi_cfg_rxq and reallocated again with ice_alloc_rx_buf. kfree on rx_buf caused leak of already mapped DMA. Reallocate ZC with xdp_buf struct, when BPF program loads. Reallocate back to rx_buf, when BPF program unloads. If BPF program is loaded/unloaded and XSK pools are created, reallocate RX queues accordingly in XDP_SETUP_XSK_POOL handler. Steps for reproduction: while : do for ((i=0; i<=8160; i=i+32)) do ethtool -G enp130s0f0 rx $i tx $i sleep 0.5 ethtool -g enp130s0f0 done done

INFO

Published Date :

2024-05-03T17:44:31.180Z

Last Modified :

2025-05-04T08:21:08.464Z

Source :

Linux
AFFECTED PRODUCTS

The following products are affected by CVE-2022-48690 vulnerability.

Vendors Products
Linux
  • Linux Kernel
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2022-48690.

URL Resource
https://git.kernel.org/stable/c/07f40e9f0ff342eb3e97d5c544783b7cb641689c cve-icon cve-icon
https://git.kernel.org/stable/c/7e753eb675f0523207b184558638ee2eed6c9ac2 cve-icon cve-icon
https://lore.kernel.org/linux-cve-announce/2024050346-CVE-2022-48690-53bc@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2022-48690 cve-icon
https://www.cve.org/CVERecord?id=CVE-2022-48690 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact