CVE-2022-49208

Feb. 26, 2025, 7 a.m.

None
No Score

Description

In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Prevent some integer underflows My static checker complains that: drivers/infiniband/hw/irdma/ctrl.c:3605 irdma_sc_ceq_init() warn: can subtract underflow 'info->dev->hmc_fpm_misc.max_ceqs'? It appears that "info->dev->hmc_fpm_misc.max_ceqs" comes from the firmware in irdma_sc_parse_fpm_query_buf() so, yes, there is a chance that it could be zero. Even if we trust the firmware, it's easy enough to change the condition just as a hardenning measure.

Product(s) Impacted

Product Versions
Linux kernel
  • []

Weaknesses

Common security weaknesses mapped to this vulnerability.

References

https://git.kernel.org/stable/c/6f6dbb819dfc1a35bcb8b709b5c83a3ea8beff75
https://git.kernel.org/stable/c/7340c3675d7ac946f4019b84cd7c64ed542dfe4c
https://git.kernel.org/stable/c/d52dab6e03550f9c97121b0c11c0a3ed78ee76a4
https://git.kernel.org/stable/c/f21056f15bbeacab7b4b87af232f5599d1f2bff1

Tags

416baaa9-dc9f-4396-8d5f-8c081fb06d67
2025-02-26
CVE-2022-49208

Timeline

Published: Feb. 26, 2025, 7 a.m.
Last Modified: Feb. 26, 2025, 7 a.m.

Status : Awaiting Analysis

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

416baaa9-dc9f-4396-8d5f-8c081fb06d67

*Disclaimer: Some vulnerabilities do not have an associated CPE. To enhance the data, we use AI to infer CPEs based on CVE details. This is an automated process and might not always be accurate.