Linux kernel
cpe:2.3:a:linux:linux_kernel:*:*:*:*:*:*:*
A vulnerability in the Linux kernel's mlx5 driver can cause an array-index-out-of-bounds error. This issue arises because the driver attempts to collect failure data for general commands issued by DEVX, which the mlx5 driver does not utilize. Since there is no storage created for these commands, the failure data collection process leads to the out-of-bounds error. The vulnerability affects the Linux kernel's stable releases.
The vulnerability can be exploited to cause an array-index-out-of-bounds error, which may lead to memory corruption or other unintended behavior.
The vulnerability can be reproduced by issuing a general command through DEVX that is not recognized or used by the mlx5 driver. When this command fails, the mlx5 driver attempts to collect the failure data but encounters an array-index-out-of-bounds error due to the absence of a storage allocation for the unrecognized command.
Users can upgrade to the latest version of the Linux kernel where this vulnerability has been addressed. Instructions for downloading the patched version are available on the Linux kernel's official website.
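The indexing pattern described above, next to a bounds check that avoids it. This is a simplified example added here, not the mlx5 driver's code or the upstream patch; the table size, struct and function names, and opcode values are assumptions.

```c
#include <stdint.h>
#include <stdio.h>

/* Simplified model of the pattern; not the mlx5 driver's code.
 * All names and values here are hypothetical. */
#define KNOWN_OP_MAX 8              /* opcodes that have a stats slot */

struct cmd_stats { uint32_t failed; int last_err; };

struct cmd_ctx {
    struct cmd_stats stats[KNOWN_OP_MAX];
    uint32_t guard;                 /* stands in for adjacent memory */
};

/* Before: the caller-supplied opcode indexes the table directly, so a
 * failing pass-through command with opcode >= KNOWN_OP_MAX writes past it. */
int record_failure_unchecked(struct cmd_ctx *ctx, uint16_t opcode, int err)
{
    if (!err)
        return 0;
    ctx->stats[opcode].failed++;
    ctx->stats[opcode].last_err = err;
    return err;
}

/* After: collect failure data only for opcodes that have storage; the
 * error is still returned to the caller either way. */
int record_failure(struct cmd_ctx *ctx, uint16_t opcode, int err)
{
    if (!err || opcode >= KNOWN_OP_MAX)
        return err;
    ctx->stats[opcode].failed++;
    ctx->stats[opcode].last_err = err;
    return err;
}

int main(void)
{
    struct cmd_ctx ctx = { .guard = 0xC0FFEEu };

    record_failure(&ctx, 3, -5);        /* known opcode: recorded */
    record_failure(&ctx, 0x0b04, -5);   /* constructed unknown opcode: skipped */
    printf("stats[3].failed=%u guard=%#x\n", ctx.stats[3].failed, ctx.guard);
    return 0;
}
```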