SB20250226589 - Improper error handling in Linux kernel intel ice driver
Published: February 26, 2025 Updated: May 11, 2025
Security Bulletin ID
SB20250226589
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Improper error handling (CVE-ID: CVE-2022-49193)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the ice_service_task() and ice_misc_intr() functions in drivers/net/ethernet/intel/ice/ice_main.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/24d7ac8426306ae7ccea7f7dd612a7368fe7201d
- https://git.kernel.org/stable/c/32d53c0aa3a7b727243473949bad2a830b908edc
- https://git.kernel.org/stable/c/59e88a50afad7469c55804e46bf2924b9130281f
- https://git.kernel.org/stable/c/9b77c8cf69a41d1e3851370aeaa04a9ea83b865c
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.33