
CVE-2022-49925: Vulnerability in the Linux kernel (Vendor: Linux, Product: Linux)

Severity: Medium
Published: Thu May 01 2025 (05/01/2025, 14:11:03 UTC)
Source: CVE
Vendor/Project: Linux
Product: Linux

Description

In the Linux kernel, the following vulnerability has been resolved:

RDMA/core: Fix null-ptr-deref in ib_core_cleanup()

KASAN reported a null-ptr-deref error:

    KASAN: null-ptr-deref in range [0x0000000000000118-0x000000000000011f]
    CPU: 1 PID: 379
    Hardware name: QEMU Standard PC (i440FX + PIIX, 1996)
    RIP: 0010:destroy_workqueue+0x2f/0x740
    RSP: 0018:ffff888016137df8 EFLAGS: 00000202
    ...
    Call Trace:
     ib_core_cleanup+0xa/0xa1 [ib_core]
     __do_sys_delete_module.constprop.0+0x34f/0x5b0
     do_syscall_64+0x3a/0x90
     entry_SYSCALL_64_after_hwframe+0x63/0xcd
    RIP: 0033:0x7fa1a0d221b7
    ...

It is because the failure of roce_gid_mgmt_init() is ignored:

    ib_core_init()
      roce_gid_mgmt_init()
        gid_cache_wq = alloc_ordered_workqueue # fail
    ...
    ib_core_cleanup()
      roce_gid_mgmt_cleanup()
        destroy_workqueue(gid_cache_wq) # destroy an unallocated wq

Fix this by catching the failure of roce_gid_mgmt_init() in ib_core_init().

AI-Powered Analysis

Last updated: 06/29/2025, 20:42:12 UTC

Technical Analysis

CVE-2022-49925 is a vulnerability in the Linux kernel's RDMA (Remote Direct Memory Access) core subsystem, specifically the ib_core module. The issue is a null pointer dereference in ib_core_cleanup(). The root cause is that a failure of roce_gid_mgmt_init() is not handled during initialization in ib_core_init(). That function allocates a workqueue (gid_cache_wq) with alloc_ordered_workqueue(), which can fail. If the allocation fails, gid_cache_wq is left NULL, yet ib_core_init() still reports success. Later, when the module is unloaded (the trace shows the path through __do_sys_delete_module), ib_core_cleanup() calls roce_gid_mgmt_cleanup(), which passes gid_cache_wq to destroy_workqueue() without checking that it was ever allocated. destroy_workqueue() dereferences the NULL pointer, causing a kernel crash or system instability. KASAN (Kernel Address Sanitizer) reported the null pointer dereference during the destroy_workqueue() call. The fix makes ib_core_init() check the return value of roce_gid_mgmt_init() and fail initialization when it errors, so the cleanup path never runs against an unallocated workqueue. This vulnerability affects Linux kernel versions containing the affected commits and impacts systems using the RDMA core subsystem, which is commonly used in high-performance computing and data center environments for low-latency networking. No known exploits are currently reported in the wild, and no CVSS score has been assigned yet.
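The init/cleanup ordering from the description and the analysis above, modelled as an added example in user-space C. This is not the kernel's code and not the committed fix: the kernel function names are mirrored, but every body is a stand-in, and the allocation-failure switch, the error-reporting destroy_workqueue() model and simulate_load_unload() are assumptions made for this example. It contrasts an ib_core_init() that drops the error of roce_gid_mgmt_init() with one that propagates it, so that the module never loads and the unload path never reaches destroy_workqueue() with a NULL workqueue.

```c
#include <errno.h>
#include <stdbool.h>
#include <stdio.h>
#include <stdlib.h>

/* User-space model of the ib_core init/cleanup ordering from the commit
 * message. The function names mirror the kernel's, but every body here is a
 * stand-in written for this example (assumed), not the kernel's code. */

struct workqueue { const char *name; };

static struct workqueue *gid_cache_wq;   /* kernel global: NULL until allocated */
static bool inject_alloc_failure;        /* fault-injection knob for the example */

static struct workqueue *alloc_ordered_workqueue(const char *name)
{
    if (inject_alloc_failure)
        return NULL;                     /* the "# fail" step in the description */
    struct workqueue *wq = malloc(sizeof *wq);
    if (wq)
        wq->name = name;
    return wq;
}

/* The real destroy_workqueue() dereferences its argument right away (the KASAN
 * trace places the fault inside it). This model reports that condition instead
 * of crashing: returns 1 for a NULL argument, 0 after a normal teardown. */
static int destroy_workqueue(struct workqueue *wq)
{
    if (!wq)
        return 1;
    free(wq);
    return 0;
}

static int roce_gid_mgmt_init(void)
{
    gid_cache_wq = alloc_ordered_workqueue("gid-cache-wq");
    return gid_cache_wq ? 0 : -ENOMEM;
}

static int roce_gid_mgmt_cleanup(void)
{
    return destroy_workqueue(gid_cache_wq);   /* unguarded, as in the report */
}

/* Before the fix: the return value of roce_gid_mgmt_init() is dropped, so
 * module load reports success even though gid_cache_wq is still NULL. */
static int ib_core_init_unfixed(void)
{
    roce_gid_mgmt_init();
    return 0;
}

/* After the fix: the failure is caught and propagated, so the module never
 * loads and ib_core_cleanup() is never reached with a NULL workqueue. */
static int ib_core_init_fixed(void)
{
    int ret = roce_gid_mgmt_init();
    if (ret)
        return ret;
    return 0;
}

/* Drive one load/unload cycle. A failing module_init means the module is not
 * loaded, so the exit path (ib_core_cleanup via delete_module) does not run.
 * Returns 1 if the cleanup would have dereferenced NULL, 0 otherwise. */
static int simulate_load_unload(bool fixed, bool alloc_fails)
{
    int deref = 0;

    inject_alloc_failure = alloc_fails;
    gid_cache_wq = NULL;

    if ((fixed ? ib_core_init_fixed() : ib_core_init_unfixed()) == 0)
        deref = roce_gid_mgmt_cleanup();     /* ib_core_cleanup() on unload */

    return deref;
}

int main(void)
{
    printf("unfixed, alloc fails: null deref on unload = %d\n",
           simulate_load_unload(false, true));
    printf("fixed,   alloc fails: null deref on unload = %d\n",
           simulate_load_unload(true, true));
    printf("unfixed, alloc ok:    null deref on unload = %d\n",
           simulate_load_unload(false, false));
    return 0;
}
```

The point the model makes is that the defect is in the init path, not in the cleanup path: once ib_core_init() refuses to report success with a NULL gid_cache_wq, the unload path is never entered in that state, which is why the upstream fix checks the return value in ib_core_init() rather than adding a NULL guard in roce_gid_mgmt_cleanup().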

Potential Impact

For European organizations, this vulnerability could lead to system crashes or denial of service on Linux servers that utilize RDMA capabilities, particularly in environments relying on high-performance computing, data centers, or cloud infrastructure where RDMA is used to optimize network performance. The null pointer dereference can cause kernel panics, leading to downtime and potential disruption of critical services. While this vulnerability does not directly expose data or allow privilege escalation, the resulting instability can impact availability and operational continuity. Organizations with workloads dependent on RDMA-enabled Linux servers, such as financial institutions, research centers, and cloud service providers in Europe, may face increased risk of service interruptions. Additionally, the lack of proper error handling could be leveraged in complex attack chains to cause denial of service conditions. However, since exploitation requires triggering kernel code paths related to RDMA initialization and cleanup, the attack surface is somewhat limited to systems with RDMA enabled and configured.

Mitigation Recommendations

European organizations should prioritize updating their Linux kernels to versions where this vulnerability is patched. Specifically, they should apply the fix that ensures proper handling of the failure of roce_gid_mgmt_init() during ib_core initialization. System administrators should audit their environments to identify servers running RDMA-enabled Linux kernels and verify whether they are using affected versions. If immediate patching is not feasible, organizations can consider disabling RDMA functionality temporarily to mitigate risk, though this may impact performance. Additionally, monitoring kernel logs for KASAN reports or kernel panics whose trace includes ib_core_cleanup() and destroy_workqueue() can help detect attempts to trigger this vulnerability. Implementing robust kernel crash recovery and high availability configurations will reduce the impact of downtime. Finally, organizations should maintain strict access controls and monitoring on systems with RDMA capabilities to detect anomalous behavior, such as unexpected module unloads, that might indicate exploitation attempts.


Technical Details

Data Version: 5.1
Assigner Short Name: Linux
Date Reserved: 2025-05-01T14:05:17.253Z
CISA Enriched: false
CVSS Version: null
State: PUBLISHED

Threat ID: 682d982bc4522896dcbe406c

Added to database: 5/21/2025, 9:08:59 AM

Last enriched: 6/29/2025, 8:42:12 PM

Last updated: 8/12/2025, 3:13:00 PM
