Description

In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Prevent some integer underflows My static checker complains that: drivers/infiniband/hw/irdma/ctrl.c:3605 irdma_sc_ceq_init() warn: can subtract underflow 'info->dev->hmc_fpm_misc.max_ceqs'? It appears that "info->dev->hmc_fpm_misc.max_ceqs" comes from the firmware in irdma_sc_parse_fpm_query_buf() so, yes, there is a chance that it could be zero. Even if we trust the firmware, it's easy enough to change the condition just as a hardenning measure.

INFO

Published Date :

2025-02-26T01:55:46.666Z

Last Modified :

2025-10-01T19:47:06.592Z

Source :

Linux
AFFECTED PRODUCTS

The following products are affected by CVE-2022-49208 vulnerability.

Vendors Products
Linux
  • Linux Kernel
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2022-49208.

URL Resource
https://git.kernel.org/stable/c/6f6dbb819dfc1a35bcb8b709b5c83a3ea8beff75 cve-icon cve-icon
https://git.kernel.org/stable/c/7340c3675d7ac946f4019b84cd7c64ed542dfe4c cve-icon cve-icon
https://git.kernel.org/stable/c/d52dab6e03550f9c97121b0c11c0a3ed78ee76a4 cve-icon cve-icon
https://git.kernel.org/stable/c/f21056f15bbeacab7b4b87af232f5599d1f2bff1 cve-icon cve-icon
https://lore.kernel.org/linux-cve-announce/2025022619-CVE-2022-49208-9293@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2022-49208 cve-icon
https://www.cve.org/CVERecord?id=CVE-2022-49208 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact