Bug 1227991 (CVE-2022-48841)

Summary: VUL-0: CVE-2022-48841: kernel: ice: fix NULL pointer dereference in ice_update_vsi_tx_ring_stats()
Product: [Novell Products] SUSE Security Incidents
Reporter: SMASH SMASH <smash_bz>
Component: Incidents
Assignee: Security Team bot <security-team>
Status: RESOLVED FIXED
QA Contact: Security Team bot <security-team>
Severity: Normal
Priority: P3 - Medium
CC: gianluca.gabrielli, miroslav.franc
Version: unspecified
Target Milestone: ---
Hardware: Other
OS: Other
URL: https://smash.suse.de/issue/414259/
Whiteboard: CVSSv3.1:SUSE:CVE-2022-48841:5.5:(AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---

Description SMASH SMASH 2024-07-17 07:45:27 UTC
In the Linux kernel, the following vulnerability has been resolved:

ice: fix NULL pointer dereference in ice_update_vsi_tx_ring_stats()

It is possible to do NULL pointer dereference in routine that updates
Tx ring stats. Currently only stats and bytes are updated when ring
pointer is valid, but later on ring is accessed to propagate gathered Tx
stats onto VSI stats.

Change the existing logic to move to next ring when ring is NULL.

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-48841
https://www.cve.org/CVERecord?id=CVE-2022-48841
https://git.kernel.org/stable/c/2397270ec97c5e3009a58ac110a25e1869e9d6ff
https://git.kernel.org/stable/c/f153546913bada41a811722f2c6d17c3243a0333
https://git.kernel.org/pub/scm/linux/security/vulns.git/plain/cve/published/2022/CVE-2022-48841.mbox
https://bugzilla.redhat.com/show_bug.cgi?id=2298182
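
Added example, not code from the kernel or from this report: a simplified C model of the loop pattern the description outlines, with the unguarded form beside the corrected one. The struct and function names and the `restart_q` field are hypothetical stand-ins, and the ring array is constructed sample data.

```c
#include <stddef.h>
#include <stdint.h>

/* Simplified stand-ins (hypothetical, not the kernel's definitions). */
struct tx_ring { uint64_t pkts, bytes, restart_q; };
struct vsi_totals { uint64_t tx_packets, tx_bytes, tx_restart; };

/* Pattern from the description: the packet/byte update is guarded,
 * but the later propagation still reads through ring when it is NULL. */
void sum_tx_unguarded(struct tx_ring **rings, size_t n, struct vsi_totals *t)
{
    for (size_t i = 0; i < n; i++) {
        struct tx_ring *ring = rings[i];
        if (ring) {
            t->tx_packets += ring->pkts;
            t->tx_bytes += ring->bytes;
        }
        t->tx_restart += ring->restart_q; /* NULL dereference if ring == NULL */
    }
}

/* Fix as described: move to the next ring as soon as ring is NULL. */
void sum_tx_guarded(struct tx_ring **rings, size_t n, struct vsi_totals *t)
{
    for (size_t i = 0; i < n; i++) {
        struct tx_ring *ring = rings[i];
        if (!ring)
            continue;
        t->tx_packets += ring->pkts;
        t->tx_bytes += ring->bytes;
        t->tx_restart += ring->restart_q;
    }
}

/* Constructed sample: three queue slots, the middle one unallocated. */
struct vsi_totals demo_totals(void)
{
    struct tx_ring a = { 10, 1500, 1 }, c = { 5, 700, 2 };
    struct tx_ring *rings[] = { &a, NULL, &c };
    struct vsi_totals t = { 0, 0, 0 };
    sum_tx_guarded(rings, 3, &t);
    return t;
}

int main(void)
{
    struct vsi_totals t = demo_totals();
    return (t.tx_packets == 15 && t.tx_bytes == 2200 && t.tx_restart == 3) ? 0 : 1;
}
```
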
Comment 4 Andrea Mattiazzo 2024-07-19 12:38:32 UTC
All done, closing.