{ "threat_severity" : "Moderate", "public_date" : "2025-02-26T00:00:00Z", "bugzilla" : { "description" : "kernel: virtio_net: fix xdp_rxq_info bug after suspend/resume", "id" : "2348177", "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2348177" }, "cvss3" : { "cvss3_base_score" : "5.5", "cvss3_scoring_vector" : "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "status" : "verified" }, "details" : [ "In the Linux kernel, the following vulnerability has been resolved:\nvirtio_net: fix xdp_rxq_info bug after suspend/resume\nThe following sequence currently causes a driver bug warning\nwhen using virtio_net:\n# ip link set eth0 up\n# echo mem > /sys/power/state (or e.g. # rtcwake -s 10 -m mem)\n\n# ip link set eth0 down\nMissing register, driver bug\nWARNING: CPU: 0 PID: 375 at net/core/xdp.c:138 xdp_rxq_info_unreg+0x58/0x60\nCall trace:\nxdp_rxq_info_unreg+0x58/0x60\nvirtnet_close+0x58/0xac\n__dev_close_many+0xac/0x140\n__dev_change_flags+0xd8/0x210\ndev_change_flags+0x24/0x64\ndo_setlink+0x230/0xdd0\n...\nThis happens because virtnet_freeze() frees the receive_queue\ncompletely (including struct xdp_rxq_info) but does not call\nxdp_rxq_info_unreg(). Similarly, virtnet_restore() sets up the\nreceive_queue again but does not call xdp_rxq_info_reg().\nActually, parts of virtnet_freeze_down() and virtnet_restore_up()\nare almost identical to virtnet_close() and virtnet_open(): only\nthe calls to xdp_rxq_info_(un)reg() are missing. This means that\nwe can fix this easily and avoid such problems in the future by\njust calling virtnet_close()/open() from the freeze/restore handlers.\nAside from adding the missing xdp_rxq_info calls the only difference\nis that the refill work is only cancelled if netif_running(). However,\nthis should not make any functional difference since the refill work\nshould only be active if the network interface is actually up." ], "affected_release" : [ { "product_name" : "Red Hat Enterprise Linux 9", "release_date" : "2023-11-07T00:00:00Z", "advisory" : "RHSA-2023:6583", "cpe" : "cpe:/a:redhat:enterprise_linux:9", "package" : "kernel-0:5.14.0-362.8.1.el9_3" }, { "product_name" : "Red Hat Enterprise Linux 9", "release_date" : "2023-11-07T00:00:00Z", "advisory" : "RHSA-2023:6583", "cpe" : "cpe:/o:redhat:enterprise_linux:9", "package" : "kernel-0:5.14.0-362.8.1.el9_3" } ], "package_state" : [ { "product_name" : "Red Hat Enterprise Linux 10", "fix_state" : "Not affected", "package_name" : "kernel", "cpe" : "cpe:/o:redhat:enterprise_linux:10" }, { "product_name" : "Red Hat Enterprise Linux 6", "fix_state" : "Out of support scope", "package_name" : "kernel", "cpe" : "cpe:/o:redhat:enterprise_linux:6" }, { "product_name" : "Red Hat Enterprise Linux 7", "fix_state" : "Out of support scope", "package_name" : "kernel", "cpe" : "cpe:/o:redhat:enterprise_linux:7" }, { "product_name" : "Red Hat Enterprise Linux 7", "fix_state" : "Out of support scope", "package_name" : "kernel-rt", "cpe" : "cpe:/o:redhat:enterprise_linux:7" }, { "product_name" : "Red Hat Enterprise Linux 8", "fix_state" : "Out of support scope", "package_name" : "kernel", "cpe" : "cpe:/o:redhat:enterprise_linux:8" }, { "product_name" : "Red Hat Enterprise Linux 8", "fix_state" : "Out of support scope", "package_name" : "kernel-rt", "cpe" : "cpe:/o:redhat:enterprise_linux:8" }, { "product_name" : "Red Hat Enterprise Linux 9", "fix_state" : "Affected", "package_name" : "kernel-rt", "cpe" : "cpe:/o:redhat:enterprise_linux:9" } ], "references" : [ "https://www.cve.org/CVERecord?id=CVE-2022-49687\nhttps://nvd.nist.gov/vuln/detail/CVE-2022-49687\nhttps://lore.kernel.org/linux-cve-announce/2025022626-CVE-2022-49687-bcfa@gregkh/T" ], "name" : "CVE-2022-49687", "csaw" : false }