Linux Kernel up to 5.18.5 setup_tx_descriptors i40e_vsi_close denial of service

Summaryinfo

A vulnerability was found in Linux Kernel up to 5.18.5. It has been rated as problematic. Affected by this vulnerability is the function i40e_vsi_close of the component setup_tx_descriptors. Performing a manipulation results in denial of service. This vulnerability is reported as CVE-2022-49725. No exploit exists. Upgrading the affected component is advised.

Detailsinfo

A vulnerability classified as problematic has been found in Linux Kernel up to 5.18.5. This affects the function i40e_vsi_close of the component setup_tx_descriptors. The manipulation with an unknown input leads to a denial of service vulnerability. CWE is classifying the issue as CWE-404. The product does not release or incorrectly releases a resource before it is made available for re-use. This is going to have an impact on availability. The summary by CVE is:

In the Linux kernel, the following vulnerability has been resolved: i40e: Fix call trace in setup_tx_descriptors After PF reset and ethtool -t there was call trace in dmesg sometimes leading to panic. When there was some time, around 5 seconds, between reset and test there were no errors. Problem was that pf reset calls i40e_vsi_close in prep_for_reset and ethtool -t calls i40e_vsi_close in diag_test. If there was not enough time between those commands the second i40e_vsi_close starts before previous i40e_vsi_close was done which leads to crash. Add check to diag_test if pf is in reset and don't start offline tests if it is true. Add netif_info("testing failed") into unhappy path of i40e_diag_test()

The advisory is shared at git.kernel.org. This vulnerability is uniquely identified as CVE-2022-49725 since 02/26/2025. The exploitability is told to be difficult. Technical details are known, but no exploit is available.

The vulnerability scanner Nessus provides a plugin with the ID 237099 (SUSE SLES12 Security Update : kernel (SUSE-SU-2025:01600-1)), which helps to determine the existence of the flaw in a target environment.

Upgrading to version 4.14.285, 4.19.249, 5.4.200, 5.10.124, 5.15.49 or 5.18.6 eliminates this vulnerability. Applying the patch 5ba9956ca57e361fb13ea369bb753eb33177acc7/15950157e2c24865b696db1c9ccc72743ae0e967/ff6e03fe84bc917bb0c907d02de668c2fe101712/814092927a215f5ca6c08249ec72a205e0b473cd/0a4e5a3dc5e41212870e6043895ae02455c93f63/322271351b0e41565171e4cce70ea41854fac115/fd5855e6b1358e816710afee68a1d2bc685176ca is able to eliminate this problem. The bugfix is ready for download at git.kernel.org. The best possible mitigation is suggested to be upgrading to the latest version.

The vulnerability is also documented in the vulnerability database at Tenable (237099). Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Productinfo

Type

• Operating System

Vendor

• Linux

Name

• Kernel

Version

• 4.14.284
• 4.19.248
• 5.4.199
• 5.10.123
• 5.15.0
• 5.15.1
• 5.15.2
• 5.15.3
• 5.15.4
• 5.15.5
• 5.15.6
• 5.15.7
• 5.15.8
• 5.15.9
• 5.15.10
• 5.15.11
• 5.15.12
• 5.15.13
• 5.15.14
• 5.15.15
• 5.15.16
• 5.15.17
• 5.15.18
• 5.15.19
• 5.15.20
• 5.15.21
• 5.15.22
• 5.15.23
• 5.15.24
• 5.15.25
• 5.15.26
• 5.15.27
• 5.15.28
• 5.15.29
• 5.15.30
• 5.15.31
• 5.15.32
• 5.15.33
• 5.15.34
• 5.15.35
• 5.15.36
• 5.15.37
• 5.15.38
• 5.15.39
• 5.15.40
• 5.15.41
• 5.15.42
• 5.15.43
• 5.15.44
• 5.15.45
• 5.15.46
• 5.15.47
• 5.15.48
• 5.18.0
• 5.18.1
• 5.18.2
• 5.18.3
• 5.18.4
• 5.18.5

License

• open-source

Website

• Vendor: https://www.kernel.org/

CPE 2.3info

• 🔍
• 🔍
• 🔍

CPE 2.2info

• 🔍
• 🔍
• 🔍

CVSSv4info

CVSSv3info

CVSSv2info

Exploitinginfo

Threat Intelligenceinfo

Countermeasuresinfo

Timelineinfo

Sourcesinfo

Entryinfo

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Discussion