octeontx2-af: Add validation before accessing cgx and lmac
Description
In the Linux kernel, the following vulnerability has been resolved:
octeontx2-af: Add validation before accessing cgx and lmac
with the addition of new MAC blocks like CN10K RPM and CN10KB RPM_USX, LMACs are noncontiguous and CGX blocks are also noncontiguous. But during RVU driver initialization, the driver is assuming they are contiguous and trying to access cgx or lmac with their id which is resulting in kernel panic.
This patch fixes the issue by adding proper checks.
[ 23.219150] pc : cgx_lmac_read+0x38/0x70 [ 23.219154] lr : rvu_program_channels+0x3f0/0x498 [ 23.223852] sp : ffff000100d6fc80 [ 23.227158] x29: ffff000100d6fc80 x28: ffff00010009f880 x27: 000000000000005a [ 23.234288] x26: ffff000102586768 x25: 0000000000002500 x24: fffffffffff0f000
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
77- osv-coords74 versionspkg:rpm/opensuse/dtb-aarch64&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/kernel-64kb&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/kernel-azure&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/kernel-debug&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/kernel-default-base&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/kernel-default&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/kernel-docs&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/kernel-kvmsmall&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/kernel-obs-build&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/kernel-obs-qa&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/kernel-rt_debug&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/kernel-rt&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/kernel-source-azure&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/kernel-source&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/kernel-source-rt&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/kernel-syms-azure&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/kernel-syms&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/kernel-syms-rt&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/kernel-zfcpdump&distro=openSUSE%20Leap%2015.6pkg:rpm/suse/kernel-64kb&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP6pkg:rpm/suse/kernel-64kb&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP7pkg:rpm/suse/kernel-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP6pkg:rpm/suse/kernel-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP7pkg:rpm/suse/kernel-default-base&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP6pkg:rpm/suse/kernel-default-base&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP7pkg:rpm/suse/kernel-default-base&distro=SUSE%20Linux%20Micro%206.0pkg:rpm/suse/kernel-default-base&distro=SUSE%20Linux%20Micro%206.1pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2015%20SP6pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2015%20SP7pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP6pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP7pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP6pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP7pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Legacy%2015%20SP6pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Legacy%2015%20SP7pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2015%20SP6pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2015%20SP7pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Micro%206.0pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Micro%206.1pkg:rpm/suse/kernel-docs&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP6pkg:rpm/suse/kernel-docs&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP7pkg:rpm/suse/kernel-kvmsmall&distro=SUSE%20Linux%20Micro%206.0pkg:rpm/suse/kernel-kvmsmall&distro=SUSE%20Linux%20Micro%206.1pkg:rpm/suse/kernel-livepatch-SLE15-SP6-RT_Update_17&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP6pkg:rpm/suse/kernel-livepatch-SLE15-SP6_Update_17&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP6pkg:rpm/suse/kernel-livepatch-SLE15-SP7-RT_Update_6&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP7pkg:rpm/suse/kernel-livepatch-SLE15-SP7_Update_6&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP7pkg:rpm/suse/kernel-obs-build&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP6pkg:rpm/suse/kernel-obs-build&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP7pkg:rpm/suse/kernel-rt_debug&distro=SUSE%20Real%20Time%20Module%2015%20SP6pkg:rpm/suse/kernel-rt&distro=SUSE%20Linux%20Micro%206.0pkg:rpm/suse/kernel-rt&distro=SUSE%20Linux%20Micro%206.1pkg:rpm/suse/kernel-rt&distro=SUSE%20Real%20Time%20Module%2015%20SP6pkg:rpm/suse/kernel-rt&distro=SUSE%20Real%20Time%20Module%2015%20SP7pkg:rpm/suse/kernel-source-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP6pkg:rpm/suse/kernel-source-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP7pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP6pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP7pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP6pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP7pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Micro%206.0pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Micro%206.1pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Linux%20Micro%206.0pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Linux%20Micro%206.1pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Real%20Time%20Module%2015%20SP6pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Real%20Time%20Module%2015%20SP7pkg:rpm/suse/kernel-syms-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP6pkg:rpm/suse/kernel-syms-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP7pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP6pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP7pkg:rpm/suse/kernel-syms-rt&distro=SUSE%20Real%20Time%20Module%2015%20SP6pkg:rpm/suse/kernel-syms-rt&distro=SUSE%20Real%20Time%20Module%2015%20SP7pkg:rpm/suse/kernel-zfcpdump&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP6pkg:rpm/suse/kernel-zfcpdump&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP7
< 6.4.0-150600.23.78.1+ 73 more
- (no CPE)range: < 6.4.0-150600.23.78.1
- (no CPE)range: < 6.4.0-150600.23.78.1
- (no CPE)range: < 6.4.0-150600.8.55.1
- (no CPE)range: < 6.4.0-150600.23.78.1
- (no CPE)range: < 6.4.0-150600.23.78.1.150600.12.34.2
- (no CPE)range: < 6.4.0-150600.23.78.1
- (no CPE)range: < 6.4.0-150600.23.78.1
- (no CPE)range: < 6.4.0-150600.23.78.1
- (no CPE)range: < 6.4.0-150600.23.78.1
- (no CPE)range: < 6.4.0-150600.23.78.1
- (no CPE)range: < 6.4.0-150600.10.58.1
- (no CPE)range: < 6.4.0-150600.10.58.1
- (no CPE)range: < 6.4.0-150600.8.55.1
- (no CPE)range: < 6.4.0-150600.23.78.1
- (no CPE)range: < 6.4.0-150600.10.58.1
- (no CPE)range: < 6.4.0-150600.8.55.1
- (no CPE)range: < 6.4.0-150600.23.78.1
- (no CPE)range: < 6.4.0-150600.10.58.1
- (no CPE)range: < 6.4.0-150600.23.78.1
- (no CPE)range: < 6.4.0-150600.23.78.1
- (no CPE)range: < 6.4.0-150700.53.22.1
- (no CPE)range: < 6.4.0-150600.8.55.1
- (no CPE)range: < 6.4.0-150700.20.18.1
- (no CPE)range: < 6.4.0-150600.23.78.1.150600.12.34.2
- (no CPE)range: < 6.4.0-150700.53.22.1.150700.17.15.1
- (no CPE)range: < 6.4.0-36.1.21.13
- (no CPE)range: < 6.4.0-36.1.21.13
- (no CPE)range: < 6.4.0-150600.23.78.1
- (no CPE)range: < 6.4.0-150700.53.22.1
- (no CPE)range: < 6.4.0-150600.23.78.1
- (no CPE)range: < 6.4.0-150700.53.22.1
- (no CPE)range: < 6.4.0-150600.23.78.1
- (no CPE)range: < 6.4.0-150700.53.22.1
- (no CPE)range: < 6.4.0-150600.23.78.1
- (no CPE)range: < 6.4.0-150700.53.22.1
- (no CPE)range: < 6.4.0-150600.23.78.1
- (no CPE)range: < 6.4.0-150700.53.22.1
- (no CPE)range: < 6.4.0-36.1
- (no CPE)range: < 6.4.0-36.1
- (no CPE)range: < 6.4.0-150600.23.78.1
- (no CPE)range: < 6.4.0-150700.53.22.1
- (no CPE)range: < 6.4.0-36.1
- (no CPE)range: < 6.4.0-36.1
- (no CPE)range: < 1-150600.1.3.1
- (no CPE)range: < 1-150600.13.5.1
- (no CPE)range: < 1-150700.1.3.1
- (no CPE)range: < 1-150700.15.3.1
- (no CPE)range: < 6.4.0-150600.23.78.1
- (no CPE)range: < 6.4.0-150700.53.22.1
- (no CPE)range: < 6.4.0-150600.10.58.1
- (no CPE)range: < 6.4.0-38.1
- (no CPE)range: < 6.4.0-38.1
- (no CPE)range: < 6.4.0-150600.10.58.1
- (no CPE)range: < 6.4.0-150700.7.22.1
- (no CPE)range: < 6.4.0-150600.8.55.1
- (no CPE)range: < 6.4.0-150700.20.18.1
- (no CPE)range: < 6.4.0-150600.23.78.1
- (no CPE)range: < 6.4.0-150700.53.22.1
- (no CPE)range: < 6.4.0-150600.23.78.1
- (no CPE)range: < 6.4.0-150700.53.22.1
- (no CPE)range: < 6.4.0-36.1
- (no CPE)range: < 6.4.0-36.1
- (no CPE)range: < 6.4.0-38.1
- (no CPE)range: < 6.4.0-38.1
- (no CPE)range: < 6.4.0-150600.10.58.1
- (no CPE)range: < 6.4.0-150700.7.22.1
- (no CPE)range: < 6.4.0-150600.8.55.1
- (no CPE)range: < 6.4.0-150700.20.18.1
- (no CPE)range: < 6.4.0-150600.23.78.1
- (no CPE)range: < 6.4.0-150700.53.22.1
- (no CPE)range: < 6.4.0-150600.10.58.1
- (no CPE)range: < 6.4.0-150700.7.22.1
- (no CPE)range: < 6.4.0-150600.23.78.1
- (no CPE)range: < 6.4.0-150700.53.22.1
Patches
Vulnerability mechanics
References
4News mentions
0No linked articles in our index yet.