CVE-2022-49605: Vulnerability in Linux Linux
In the Linux kernel, the following vulnerability has been resolved:

igc: Reinstate IGC_REMOVED logic and implement it properly

The initially merged version of the igc driver code (via commit 146740f9abc4, "igc: Add support for PF") contained the following IGC_REMOVED checks in the igc_rd32/wr32() MMIO accessors:

    u32 igc_rd32(struct igc_hw *hw, u32 reg)
    {
        u8 __iomem *hw_addr = READ_ONCE(hw->hw_addr);
        u32 value = 0;

        if (IGC_REMOVED(hw_addr))
            return ~value;

        value = readl(&hw_addr[reg]);

        /* reads should not return all F's */
        if (!(~value) && (!reg || !(~readl(hw_addr))))
            hw->hw_addr = NULL;

        return value;
    }

And:

    #define wr32(reg, val) \
    do { \
        u8 __iomem *hw_addr = READ_ONCE((hw)->hw_addr); \
        if (!IGC_REMOVED(hw_addr)) \
            writel((val), &hw_addr[(reg)]); \
    } while (0)

E.g. igb has similar checks in its MMIO accessors, and has a similar macro E1000_REMOVED, which is implemented as follows:

    #define E1000_REMOVED(h) unlikely(!(h))

These checks serve to detect and take note of an 0xffffffff MMIO read return from the device, which can be caused by a PCIe link flap or some other kind of PCI bus error, and to avoid performing MMIO reads and writes from that point onwards.

However, the IGC_REMOVED macro was not originally implemented:

    #ifndef IGC_REMOVED
    #define IGC_REMOVED(a) (0)
    #endif /* IGC_REMOVED */

This led to the IGC_REMOVED logic to be removed entirely in a subsequent commit (commit 3c215fb18e70, "igc: remove IGC_REMOVED function"), with the rationale that such checks matter only for virtualization and that igc does not support virtualization -- but a PCIe device can become detached even without virtualization being in use, and without proper checks, a PCIe bus error affecting an igc adapter will lead to various NULL pointer dereferences, as the first access after the error will set hw->hw_addr to NULL, and subsequent accesses will blindly dereference this now-NULL pointer.

This patch reinstates the IGC_REMOVED checks in igc_rd32/wr32(), and implements IGC_REMOVED the way it is done for igb, by checking for the unlikely() case of hw_addr being NULL. This change prevents the oopses seen when a PCIe link flap occurs on an igc adapter.
AI Analysis
Technical Summary
CVE-2022-49605 addresses a vulnerability in the Linux kernel's igc network driver, which handles Intel Gigabit Ethernet controllers. The issue stems from improper handling of PCIe bus errors, specifically PCIe link flaps, which can cause memory-mapped I/O (MMIO) reads to return 0xffffffff. Originally, the igc driver included logic (IGC_REMOVED checks) to detect such error states and avoid further MMIO accesses that could lead to system instability. However, this protective logic was removed in a subsequent commit under the assumption that it was only relevant for virtualization scenarios, which igc does not support.

This assumption is flawed because PCIe devices can experience link flaps or detachments even outside virtualization contexts. Without the IGC_REMOVED checks, the driver fails to properly handle these error conditions, leading to NULL pointer dereferences when the hardware address pointer (hw->hw_addr) is set to NULL after detecting an error. Subsequent MMIO accesses then dereference this NULL pointer, causing kernel oops (crashes) and potential denial of service.

The patch reinstates the IGC_REMOVED logic, implementing it similarly to the igb driver by checking if the hardware address pointer is NULL before performing MMIO reads or writes. This fix prevents kernel crashes triggered by PCIe link flaps on affected igc adapters by safely handling error states and avoiding invalid memory accesses. The vulnerability affects Linux kernel versions containing the specified commit 146740f9abc4 and related versions where the IGC_REMOVED logic was removed. No known exploits are reported in the wild as of the publication date. No CVSS score is assigned yet.
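The failure sequence described above, modelled in userspace C as an added example (not code from the igc driver or from the original page). The names fake_dev, fake_hw, sim_readl, sim_rd32 and flap_scenario are hypothetical, the register values are constructed, and the would-be NULL dereference is counted rather than executed.

```c
#include <stdint.h>
#include <stdio.h>

/* Constructed stand-in for the adapter's MMIO window (not real igc registers). */
struct fake_dev { uint32_t regs[4]; int link_up; };
struct fake_hw  { struct fake_dev *hw_addr; int null_derefs; };
#define REMOVED_STUB(h)  (0)     /* original igc placeholder quoted above */
#define REMOVED_FIXED(h) (!(h))  /* igb-style check; unlikely() omitted in userspace */

static uint32_t sim_readl(struct fake_dev *d, uint32_t reg)
{
    return d->link_up ? d->regs[reg] : 0xffffffffu; /* dead link reads all F's */
}

static uint32_t sim_rd32(struct fake_hw *hw, uint32_t reg, int fixed)
{
    struct fake_dev *hw_addr = hw->hw_addr;
    uint32_t value = 0;
    if (fixed ? REMOVED_FIXED(hw_addr) : REMOVED_STUB(hw_addr))
        return ~value;
    if (!hw_addr) {              /* the kernel would oops here; we only count it */
        hw->null_derefs++;
        return 0;
    }
    value = sim_readl(hw_addr, reg);
    /* reads should not return all F's: confirm against register 0 */
    if (!(~value) && (!reg || !(~sim_readl(hw_addr, 0))))
        hw->hw_addr = NULL;
    return value;
}

/* Drop the link, then issue three reads; return how many would have faulted. */
int flap_scenario(int fixed)
{
    struct fake_dev dev = { { 0x1, 0xffffffffu, 0x3, 0x4 }, 1 };
    struct fake_hw hw = { &dev, 0 };
    sim_rd32(&hw, 1, fixed);     /* legitimate all-F's register: link still up */
    if (hw.hw_addr == NULL)
        return -1;               /* would be a false detach */
    dev.link_up = 0;             /* constructed link flap */
    for (int i = 0; i < 3; i++)
        sim_rd32(&hw, 2, fixed);
    return hw.null_derefs;
}

int main(void)
{
    printf("stub: %d faulting reads, fixed: %d\n", flap_scenario(0), flap_scenario(1));
    return 0;
}
```

The first read after the flap only marks the device as gone by clearing hw_addr; the reads after it are the ones that fault when the guard is a constant 0.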
Potential Impact
For European organizations, this vulnerability poses a risk primarily to systems running Linux kernels with the affected igc driver versions and using Intel Gigabit Ethernet controllers supported by this driver. The impact is mainly on system stability and availability, as kernel crashes (oops) can cause network outages, service disruptions, and potential data loss if critical systems reboot unexpectedly. This can affect data centers, enterprise servers, and network infrastructure devices relying on these network adapters. In environments with high PCIe traffic or unstable hardware conditions, the likelihood of PCIe link flaps increases, exacerbating the risk. Although this vulnerability does not directly lead to privilege escalation or data confidentiality breaches, the resulting denial of service can disrupt business operations, especially in sectors like finance, telecommunications, and critical infrastructure prevalent in Europe. Additionally, recovery from kernel crashes may require manual intervention, increasing operational costs and downtime. Since the vulnerability arises from hardware error conditions, it may also complicate troubleshooting and incident response. The absence of known exploits reduces immediate threat level but does not eliminate risk, particularly in large-scale deployments where hardware faults are more common.
Mitigation Recommendations
European organizations should apply the Linux kernel patches that reinstate the IGC_REMOVED logic in the igc driver as soon as they become available. Specifically, updating to kernel versions that include the fix or backporting the patch to in-use kernel versions is essential. Network administrators should monitor kernel logs for signs of PCIe link flaps or igc driver oops to detect potential exploitation or hardware issues early. Implementing hardware health monitoring and ensuring PCIe devices and cables are in good condition can reduce the frequency of link flaps. For critical systems, consider deploying redundant network interfaces or failover mechanisms to maintain availability during transient hardware errors. Additionally, organizations should review their virtualization environments to confirm that similar checks are in place for other drivers, even if igc is not used in virtualization. Finally, maintain up-to-date Linux kernel versions and subscribe to vendor security advisories to promptly address similar vulnerabilities.
Affected Countries
Germany, France, United Kingdom, Netherlands, Italy, Spain, Poland, Sweden, Belgium, Finland
Technical Details
- Data Version: 5.1
- Assigner Short Name: Linux
- Date Reserved: 2025-02-26T02:21:30.416Z
- Cisa Enriched: false
- Cvss Version: null
- State: PUBLISHED
Threat ID: 682d982cc4522896dcbe45e5
Added to database: 5/21/2025, 9:09:00 AM
Last enriched: 6/29/2025, 11:11:27 PM
Last updated: 8/11/2025, 7:31:03 PM