{"id":"CVE-2022-49333","summary":"net/mlx5: E-Switch, pair only capable devices","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5: E-Switch, pair only capable devices\n\nOFFLOADS paring using devcom is possible only on devices\nthat support LAG. Filter based on lag capabilities.\n\nThis fixes an issue where mlx5_get_next_phys_dev() was\ncalled without holding the interface lock.\n\nThis issue was found when commit\nbc4c2f2e0179 (\"net/mlx5: Lag, filter non compatible devices\")\nadded an assert that verifies the interface lock is held.\n\nWARNING: CPU: 9 PID: 1706 at drivers/net/ethernet/mellanox/mlx5/core/dev.c:642 mlx5_get_next_phys_dev+0xd2/0x100 [mlx5_core]\nModules linked in: mlx5_vdpa vringh vhost_iotlb vdpa mlx5_ib mlx5_core xt_conntrack xt_MASQUERADE nf_conntrack_netlink nfnetlink xt_addrtype iptable_nat nf_nat br_netfilter rpcrdma rdma_ucm ib_iser libiscsi scsi_transport_iscsi rdma_cm iw_cm ib_umad ib_ipoib ib_cm ib_uverbs ib_core overlay fuse [last unloaded: mlx5_core]\nCPU: 9 PID: 1706 Comm: devlink Not tainted 5.18.0-rc7+ #11\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014\nRIP: 0010:mlx5_get_next_phys_dev+0xd2/0x100 [mlx5_core]\nCode: 02 00 75 48 48 8b 85 80 04 00 00 5d c3 31 c0 5d c3 be ff ff ff ff 48 c7 c7 08 41 5b a0 e8 36 87 28 e3 85 c0 0f 85 6f ff ff ff \u003c0f\u003e 0b e9 68 ff ff ff 48 c7 c7 0c 91 cc 84 e8 cb 36 6f e1 e9 4d ff\nRSP: 0018:ffff88811bf47458 EFLAGS: 00010246\nRAX: 0000000000000000 RBX: ffff88811b398000 RCX: 0000000000000001\nRDX: 0000000080000000 RSI: ffffffffa05b4108 RDI: ffff88812daaaa78\nRBP: ffff88812d050380 R08: 0000000000000001 R09: ffff88811d6b3437\nR10: 0000000000000001 R11: 00000000fddd3581 R12: ffff88815238c000\nR13: ffff88812d050380 R14: ffff8881018aa7e0 R15: ffff88811d6b3428\nFS:  00007fc82e18ae80(0000) GS:ffff88842e080000(0000) knlGS:0000000000000000\nCS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007f9630d1b421 CR3: 0000000149802004 CR4: 0000000000370ea0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \u003cTASK\u003e\n mlx5_esw_offloads_devcom_event+0x99/0x3b0 [mlx5_core]\n mlx5_devcom_send_event+0x167/0x1d0 [mlx5_core]\n esw_offloads_enable+0x1153/0x1500 [mlx5_core]\n ? mlx5_esw_offloads_controller_valid+0x170/0x170 [mlx5_core]\n ? wait_for_completion_io_timeout+0x20/0x20\n ? mlx5_rescan_drivers_locked+0x318/0x810 [mlx5_core]\n mlx5_eswitch_enable_locked+0x586/0xc50 [mlx5_core]\n ? mlx5_eswitch_disable_pf_vf_vports+0x1d0/0x1d0 [mlx5_core]\n ? mlx5_esw_try_lock+0x1b/0xb0 [mlx5_core]\n ? mlx5_eswitch_enable+0x270/0x270 [mlx5_core]\n ? __debugfs_create_file+0x260/0x3e0\n mlx5_devlink_eswitch_mode_set+0x27e/0x870 [mlx5_core]\n ? mutex_lock_io_nested+0x12c0/0x12c0\n ? esw_offloads_disable+0x250/0x250 [mlx5_core]\n ? devlink_nl_cmd_trap_get_dumpit+0x470/0x470\n ? rcu_read_lock_sched_held+0x3f/0x70\n devlink_nl_cmd_eswitch_set_doit+0x217/0x620","modified":"2026-04-02T08:27:30.372698Z","published":"2025-02-26T02:10:52.081Z","related":["SUSE-SU-2025:1176-1","SUSE-SU-2025:1241-1"],"database_specific":{"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/49xxx/CVE-2022-49333.json","cna_assigner":"Linux"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/0cef0b7eb044bb8cfdaff4c1db55a8fd442f6bc9"},{"type":"WEB","url":"https://git.kernel.org/stable/c/3008e6a0049361e731b803c60fe8f3ab44e1d73f"},{"type":"WEB","url":"https://git.kernel.org/stable/c/cdbcdddb8076a09aa6ddaf20fd911fc787dca0e5"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/49xxx/CVE-2022-49333.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-49333"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"dd3fddb82780bfa24124834edd90bbc63bd689cc"},{"fixed":"0cef0b7eb044bb8cfdaff4c1db55a8fd442f6bc9"},{"fixed":"cdbcdddb8076a09aa6ddaf20fd911fc787dca0e5"},{"fixed":"3008e6a0049361e731b803c60fe8f3ab44e1d73f"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"0"},{"last_affected":"4d253ea99fbac316cbe4bafaf36087b592c2cd49"}]}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-49333.json"}}],"schema_version":"1.7.5"}