{
  "threat_severity" : "Moderate",
  "public_date" : "2025-02-26T00:00:00Z",
  "bugzilla" : {
    "description" : "kernel: sfc: fix considering that all channels have TX queues",
    "id" : "2347679",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2347679"
  },
  "cvss3" : {
    "cvss3_base_score" : "5.5",
    "cvss3_scoring_vector" : "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
    "status" : "verified"
  },
  "details" : [ "In the Linux kernel, the following vulnerability has been resolved:\nsfc: fix considering that all channels have TX queues\nNormally, all channels have RX and TX queues, but this is not true if\nmodparam efx_separate_tx_channels=1 is used. In that cases, some\nchannels only have RX queues and others only TX queues (or more\npreciselly, they have them allocated, but not initialized).\nFix efx_channel_has_tx_queues to return the correct value for this case\ntoo.\nMessages shown at probe time before the fix:\nsfc 0000:03:00.0 ens6f0np0: MC command 0x82 inlen 544 failed rc=-22 (raw=0) arg=0\n------------[ cut here ]------------\nnetdevice: ens6f0np0: failed to initialise TXQ -1\nWARNING: CPU: 1 PID: 626 at drivers/net/ethernet/sfc/ef10.c:2393 efx_ef10_tx_init+0x201/0x300 [sfc]\n[...] stripped\nRIP: 0010:efx_ef10_tx_init+0x201/0x300 [sfc]\n[...] stripped\nCall Trace:\nefx_init_tx_queue+0xaa/0xf0 [sfc]\nefx_start_channels+0x49/0x120 [sfc]\nefx_start_all+0x1f8/0x430 [sfc]\nefx_net_open+0x5a/0xe0 [sfc]\n__dev_open+0xd0/0x190\n__dev_change_flags+0x1b3/0x220\ndev_change_flags+0x21/0x60\n[...] stripped\nMessages shown at remove time before the fix:\nsfc 0000:03:00.0 ens6f0np0: failed to flush 10 queues\nsfc 0000:03:00.0 ens6f0np0: failed to flush queues" ],
  "affected_release" : [ {
    "product_name" : "Red Hat Enterprise Linux 8",
    "release_date" : "2022-11-08T00:00:00Z",
    "advisory" : "RHSA-2022:7683",
    "cpe" : "cpe:/o:redhat:enterprise_linux:8",
    "package" : "kernel-0:4.18.0-425.3.1.el8"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "release_date" : "2022-11-15T00:00:00Z",
    "advisory" : "RHSA-2022:8267",
    "cpe" : "cpe:/a:redhat:enterprise_linux:9",
    "package" : "kernel-0:5.14.0-162.6.1.el9_1"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "release_date" : "2022-11-15T00:00:00Z",
    "advisory" : "RHSA-2022:8267",
    "cpe" : "cpe:/o:redhat:enterprise_linux:9",
    "package" : "kernel-0:5.14.0-162.6.1.el9_1"
  } ],
  "package_state" : [ {
    "product_name" : "Red Hat Enterprise Linux 10",
    "fix_state" : "Not affected",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:10"
  }, {
    "product_name" : "Red Hat Enterprise Linux 6",
    "fix_state" : "Not affected",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:6"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "fix_state" : "Out of support scope",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "fix_state" : "Out of support scope",
    "package_name" : "kernel-rt",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "fix_state" : "Out of support scope",
    "package_name" : "kernel-rt",
    "cpe" : "cpe:/o:redhat:enterprise_linux:8"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "fix_state" : "Affected",
    "package_name" : "kernel-rt",
    "cpe" : "cpe:/o:redhat:enterprise_linux:9"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2022-49378\nhttps://nvd.nist.gov/vuln/detail/CVE-2022-49378\nhttps://lore.kernel.org/linux-cve-announce/2025022647-CVE-2022-49378-2598@gregkh/T" ],
  "name" : "CVE-2022-49378",
  "csaw" : false
}