-

CVE-2022-50476

In the Linux kernel, the following vulnerability has been resolved:

ntb_netdev: Use dev_kfree_skb_any() in interrupt context

TX/RX callback handlers (ntb_netdev_tx_handler(),
ntb_netdev_rx_handler()) can be called in interrupt
context via the DMA framework when the respective
DMA operations have completed. As such, any calls
by these routines to free skb's, should use the
interrupt context safe dev_kfree_skb_any() function.

Previously, these callback handlers would call the
interrupt unsafe version of dev_kfree_skb(). This has
not presented an issue on Intel IOAT DMA engines as
that driver utilizes tasklets rather than a hard
interrupt handler, like the AMD PTDMA DMA driver.
On AMD systems, a kernel WARNING message is
encountered, which is being issued from
skb_release_head_state() due to in_hardirq()
being true.

Besides the user visible WARNING from the kernel,
the other symptom of this bug was that TCP/IP performance
across the ntb_netdev interface was very poor, i.e.
approximately an order of magnitude below what was
expected. With the repair to use dev_kfree_skb_any(),
kernel WARNINGs from skb_release_head_state() ceased
and TCP/IP performance, as measured by iperf, was on
par with expected results, approximately 20 Gb/s on
AMD Milan based server. Note that this performance
is comparable with Intel based servers.

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD
Diese Information steht angemeldeten Benutzern zur Verfügung.
Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).
HerstellerLinux
Produkt Linux
Default Statusunaffected
Version < d4460c82177899751975180c268f352893302221
Version 548c237c0a9972df5d1afaca38aa733ee577128d
Status affected
Version < dd860b39aa7c7b82e6c99b6fdb99d4610ce49d67
Version 548c237c0a9972df5d1afaca38aa733ee577128d
Status affected
Version < 8b78493968ed3cef0326183ed059c55e42f24d5b
Version 548c237c0a9972df5d1afaca38aa733ee577128d
Status affected
Version < a6b9e09403102bdf8402dae734800e4916c7ea58
Version 548c237c0a9972df5d1afaca38aa733ee577128d
Status affected
Version < 13286ad1c7c49c606fdcba4cf66f953a1a16c1ca
Version 548c237c0a9972df5d1afaca38aa733ee577128d
Status affected
Version < 21296a52caa6a6bad6debdfe40ad81d4f1a27e69
Version 548c237c0a9972df5d1afaca38aa733ee577128d
Status affected
Version < 14d245da57a11e80277ab455aa9b6dcc5ed38a19
Version 548c237c0a9972df5d1afaca38aa733ee577128d
Status affected
Version < 07e28a8f450217db679802ebd4de0915556ce846
Version 548c237c0a9972df5d1afaca38aa733ee577128d
Status affected
Version < 5f7d78b2b12a9d561f48fa00bab29b40f4616dad
Version 548c237c0a9972df5d1afaca38aa733ee577128d
Status affected
HerstellerLinux
Produkt Linux
Default Statusaffected
Version 3.9
Status affected
Version < 3.9
Version 0
Status unaffected
Version <= 4.9.*
Version 4.9.337
Status unaffected
Version <= 4.14.*
Version 4.14.303
Status unaffected
Version <= 4.19.*
Version 4.19.270
Status unaffected
Version <= 5.4.*
Version 5.4.229
Status unaffected
Version <= 5.10.*
Version 5.10.163
Status unaffected
Version <= 5.15.*
Version 5.15.86
Status unaffected
Version <= 6.0.*
Version 6.0.16
Status unaffected
Version <= 6.1.*
Version 6.1.2
Status unaffected
Version <= *
Version 6.2
Status unaffected
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.03% 0.084
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String