#VU104595 NULL pointer dereference in Linux kernel - CVE-2022-49516
Published: February 26, 2025 / Updated: May 11, 2025
Linux kernel
Linux Foundation
Description
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the ice_vf_fdir_dump_info() function in drivers/net/ethernet/intel/ice/ice_virtchnl_fdir.c, within the ice_vc_ena_vlan_stripping() function in drivers/net/ethernet/intel/ice/ice_virtchnl.c, within the ice_vf_clear_counters(), ice_vf_rebuild_vsi(), ice_reset_vf(), ice_dis_vf_qs(), ice_vf_rebuild_host_mac_cfg(), ice_vf_rebuild_host_tx_rate_cfg() and ice_vf_rebuild_host_cfg() functions in drivers/net/ethernet/intel/ice/ice_vf_lib.c, within the ice_free_vf_entries(), ice_dis_vf_mappings(), ice_ena_vf_q_mappings(), ice_ena_vf_mappings(), ice_get_vf_from_pfq(), ice_calc_all_vfs_min_tx_rate() and ice_set_vf_bw() functions in drivers/net/ethernet/intel/ice/ice_sriov.c, within the ice_repr_add() function in drivers/net/ethernet/intel/ice/ice_repr.c, within the ice_devlink_create_vf_port() function in drivers/net/ethernet/intel/ice/ice_devlink.c. A local user can perform a denial of service (DoS) attack.