Linux Kernel RDMA/bnxt_re Division Error Vulnerability Leading to Kernel Panic

A division error vulnerability has been identified in the Linux kernel's RDMA/bnxt_re component, specifically when using NVMe target with 'use_srq' enabled. This vulnerability causes a kernel panic due to improper handling of page details for shared receive queues (SRQs) created by kernel consumers. The issue arises because the page size and shift information is only configured for user space SRQs, leaving kernel space SRQs vulnerable to this error.

Impact

Exploitation of this vulnerability leads to a kernel panic, causing a denial of service by abruptly terminating system processes and potentially causing data loss.

Reproduction

To reproduce this vulnerability, enable the 'use_srq' option while using an NVMe target. This will trigger a kernel panic due to a division error, as the kernel space shared receive queues do not have the correct page size and shift information, unlike the user space SRQs.