{"id":"CVE-2022-49234","summary":"net: dsa: Avoid cross-chip syncing of VLAN filtering","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nnet: dsa: Avoid cross-chip syncing of VLAN filtering\n\nChanges to VLAN filtering are not applicable to cross-chip\nnotifications.\n\nOn a system like this:\n\n.-----.   .-----.   .-----.\n| sw1 +---+ sw2 +---+ sw3 |\n'-1-2-'   '-1-2-'   '-1-2-'\n\nBefore this change, upon sw1p1 leaving a bridge, a call to\ndsa_port_vlan_filtering would also be made to sw2p1 and sw3p1.\n\nIn this scenario:\n\n.---------.   .-----.   .-----.\n|   sw1   +---+ sw2 +---+ sw3 |\n'-1-2-3-4-'   '-1-2-'   '-1-2-'\n\nWhen sw1p4 would leave a bridge, dsa_port_vlan_filtering would be\ncalled for sw2 and sw3 with a non-existing port - leading to array\nout-of-bounds accesses and crashes on mv88e6xxx.","modified":"2025-12-04T13:39:01.056715Z","published":"2025-02-26T01:55:59.615Z","database_specific":{"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/49xxx/CVE-2022-49234.json","cna_assigner":"Linux"},"references":[{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"},{"type":"WEB","url":"https://git.kernel.org/stable/c/108dc8741c203e9d6ce4e973367f1bac20c7192b"},{"type":"WEB","url":"https://git.kernel.org/stable/c/e1f2a4dd8d433eec393d09273a78a3d3551339cf"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/49xxx/CVE-2022-49234.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-49234"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"d371b7c92d190448f3ccbf082c90bf929285f648"},{"fixed":"e1f2a4dd8d433eec393d09273a78a3d3551339cf"},{"fixed":"108dc8741c203e9d6ce4e973367f1bac20c7192b"}]}],"versions":["v5.1","v5.1-rc7","v5.10","v5.10-rc1","v5.10-rc2","v5.10-rc3","v5.10-rc4","v5.10-rc5","v5.10-rc6","v5.10-rc7","v5.11","v5.11-rc1","v5.11-rc2","v5.11-rc3","v5.11-rc4","v5.11-rc5","v5.11-rc6","v5.11-rc7","v5.12","v5.12-rc1","v5.12-rc1-dontuse","v5.12-rc2","v5.12-rc3","v5.12-rc4","v5.12-rc5","v5.12-rc6","v5.12-rc7","v5.12-rc8","v5.13","v5.13-rc1","v5.13-rc2","v5.13-rc3","v5.13-rc4","v5.13-rc5","v5.13-rc6","v5.13-rc7","v5.14","v5.14-rc1","v5.14-rc2","v5.14-rc3","v5.14-rc4","v5.14-rc5","v5.14-rc6","v5.14-rc7","v5.15","v5.15-rc1","v5.15-rc2","v5.15-rc3","v5.15-rc4","v5.15-rc5","v5.15-rc6","v5.15-rc7","v5.16","v5.16-rc1","v5.16-rc2","v5.16-rc3","v5.16-rc4","v5.16-rc5","v5.16-rc6","v5.16-rc7","v5.16-rc8","v5.17","v5.17-rc1","v5.17-rc2","v5.17-rc3","v5.17-rc4","v5.17-rc5","v5.17-rc6","v5.17-rc7","v5.17-rc8","v5.17.1","v5.2","v5.2-rc1","v5.2-rc2","v5.2-rc3","v5.2-rc4","v5.2-rc5","v5.2-rc6","v5.2-rc7","v5.3","v5.3-rc1","v5.3-rc2","v5.3-rc3","v5.3-rc4","v5.3-rc5","v5.3-rc6","v5.3-rc7","v5.3-rc8","v5.4","v5.4-rc1","v5.4-rc2","v5.4-rc3","v5.4-rc4","v5.4-rc5","v5.4-rc6","v5.4-rc7","v5.4-rc8","v5.5","v5.5-rc1","v5.5-rc2","v5.5-rc3","v5.5-rc4","v5.5-rc5","v5.5-rc6","v5.5-rc7","v5.6","v5.6-rc1","v5.6-rc2","v5.6-rc3","v5.6-rc4","v5.6-rc5","v5.6-rc6","v5.6-rc7","v5.7","v5.7-rc1","v5.7-rc2","v5.7-rc3","v5.7-rc4","v5.7-rc5","v5.7-rc6","v5.7-rc7","v5.8","v5.8-rc1","v5.8-rc2","v5.8-rc3","v5.8-rc4","v5.8-rc5","v5.8-rc6","v5.8-rc7","v5.9","v5.9-rc1","v5.9-rc2","v5.9-rc3","v5.9-rc4","v5.9-rc5","v5.9-rc6","v5.9-rc7","v5.9-rc8"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-49234.json"}},{"package":{"name":"Kernel","ecosystem":"Linux"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"5.2.0"},{"fixed":"5.17.2"}]}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-49234.json"}}],"schema_version":"1.7.3"}