CVE-2022-49333
📋 TL;DR
A race condition vulnerability in the Linux kernel's mlx5 driver where mlx5_get_next_phys_dev() is called without proper locking when pairing devices for E-Switch offloads. This can cause kernel warnings or crashes, affecting systems using Mellanox network adapters with E-Switch functionality enabled.
💻 Affected Systems
- Linux kernel with mlx5 driver
📦 What is this software?
Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
⚠️ Risk & Real-World Impact
Worst Case
Kernel panic leading to system crash and denial of service, potentially disrupting network connectivity.
Likely Case
Kernel warning messages in system logs and potential system instability when configuring E-Switch offloads.
If Mitigated
Minor performance impact from proper locking implementation.
🎯 Exploit Status
Requires CAP_NET_ADMIN or root privileges to execute devlink commands that trigger the race condition.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Fixed in kernel commits 0cef0b7eb044bb8cfdaff4c1db55a8fd442f6bc9, 3008e6a0049361e731b803c60fe8f3ab44e1d73f, cdbcdddb8076a09aa6ddaf20fd911fc787dca0e5
Vendor Advisory: https://git.kernel.org/stable/c/0cef0b7eb044bb8cfdaff4c1db55a8fd442f6bc9
Restart Required: Yes
Instructions:
1. Update Linux kernel to version containing the fix commits.
2. Check distribution-specific security advisories.
3. Reboot system to load patched kernel.
🔧 Temporary Workarounds
Disable E-Switch offloads
Prevent triggering the race condition by disabling E-Switch functionality
devlink dev eswitch set pci/0000:xx:xx.x mode legacy
Restrict devlink access
Limit who can execute devlink commands that might trigger the vulnerability
chmod 750 /sys/kernel/debug/mlx5
setfacl -m u:root:rwx /sys/kernel/debug/mlx5
🧯 If You Can't Patch
- Restrict access to devlink interface to trusted administrators only
- Monitor system logs for kernel warnings related to mlx5_get_next_phys_dev
🔍 How to Verify
Check if Vulnerable:
Check kernel version and if mlx5 driver is loaded: lsmod | grep mlx5 && uname -r
Check Version:
uname -r
Verify Fix Applied:
Verify kernel version includes fix commits: git log --oneline | grep -E '0cef0b7eb044|3008e6a00493|cdbcdddb8076'
📡 Detection & Monitoring
Log Indicators:
- Kernel warnings containing 'mlx5_get_next_phys_dev'
- Call traces mentioning mlx5_esw_offloads_devcom_event
Network Indicators:
- None - this is a local kernel issue
SIEM Query:
source="kernel" AND ("mlx5_get_next_phys_dev" OR "WARNING: CPU.*mlx5_core")
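
The log indicators above can also be checked locally without a SIEM. The following is an added example, not part of the original advisory or the kernel project: the function name scan_mlx5_race and the sample log lines are constructed for illustration, and only the matched strings come from the indicators listed on this page.

```sh
#!/bin/sh
# Added example: scan kernel log text (stdin) for the indicators listed above.
# Prints "warnings=<n> trace_frames=<n>" on stdout and each matching line on
# stderr. Returns 0 when an indicator is present, 1 when the log is clean.
scan_mlx5_race() {
    awk '
        # WARNING header that names the driver module or the unlocked function
        /WARNING: CPU/ && (/mlx5_core/ || /mlx5_get_next_phys_dev/) {
            warnings++
            print "match: " $0 > "/dev/stderr"
            next
        }
        # Call-trace frame from the devcom pairing path
        /mlx5_esw_offloads_devcom_event/ {
            frames++
            print "match: " $0 > "/dev/stderr"
        }
        END {
            printf "warnings=%d trace_frames=%d\n", warnings, frames
            exit ((warnings + frames) > 0 ? 0 : 1)
        }
    '
}

# Constructed sample input (not captured from a real system): timestamps,
# PID and offsets are placeholders.
sample_log() {
    cat <<'EOF'
[  100.000001] mlx5_core 0000:xx:xx.x: constructed sample line, no indicator
[  100.000002] WARNING: CPU: 2 PID: 4242 at mlx5_get_next_phys_dev+0x0/0x0 [mlx5_core]
[  100.000003] Call Trace:
[  100.000004]  mlx5_esw_offloads_devcom_event+0x0/0x0 [mlx5_core]
[  100.000005] constructed unrelated line from another driver
EOF
}

# Stand-alone run against the constructed sample.
sample_log | scan_mlx5_race
```

On a live host, feed it the kernel ring buffer instead of the sample, for example `dmesg | scan_mlx5_race` or `journalctl -k | scan_mlx5_race`.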