Linux Kernel ixgbe Driver EEE Link Mode Mapping Vulnerability

Vulnerability

A vulnerability in the Linux kernel ixgbe Ethernet driver, involving an incorrect mapping of Energy Efficient Ethernet (EEE) link modes, has been addressed. The driver used 'ixgbe_lp_map' to populate the supported and advertised EEE link mode bitmaps instead of the correct 'ixgbe_ls_map'. Because the two maps have different sizes and purposes, this mistake led to incorrect bit settings and potential out-of-bounds access. The vulnerability could have been exploited by manipulating the link mode mappings, causing out-of-bounds access errors.

Impact

The vulnerability could lead to out-of-bounds access errors, potentially causing memory corruption or other unintended behavior in the system.

Reproduction

The vulnerability could be reproduced by using the ixgbe Ethernet driver in the Linux kernel. When the driver populates the EEE link mode bitmaps, it incorrectly uses the 'ixgbe_lp_map' instead of the 'ixgbe_ls_map'. This can be observed by monitoring the link mode mappings during the driver's operation, where the incorrect bit settings can lead to out-of-bounds access errors.
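
The bug class described above, as an added example that is not the driver's code: a simplified user-space model showing how taking link mode bits from the wrong lookup table yields both wrong bits and an index past the end of the smaller table. The table contents, struct layouts and function names are constructed for illustration, and the assumption that the loop bound comes from the larger table is ours.

```c
#include <stddef.h>
#include <stdint.h>

#define ARRAY_SIZE(a) (sizeof(a) / sizeof((a)[0]))

/* Constructed tables (not the driver's): two maps with different sizes and purposes. */
struct speed_map   { uint32_t mac_speed; unsigned link_mode; }; /* local speed -> mode bit */
struct partner_map { uint32_t lp_bit;    unsigned link_mode; }; /* partner bit -> mode bit */

static const struct speed_map ls_map[] = {
    { 0x1, 3 }, { 0x2, 5 }, { 0x4, 12 }, { 0x8, 17 },
};
static const struct partner_map lp_map[] = {
    { 0x10, 6 }, { 0x20, 12 }, { 0x40, 19 },
};

/* Before: the loop walks ls_map but takes the link mode from lp_map[i].
 * The model counts indexes that fall outside lp_map instead of reading them. */
uint32_t eee_modes_wrong_map(uint32_t speeds, unsigned *oob)
{
    uint32_t modes = 0;

    *oob = 0;
    for (size_t i = 0; i < ARRAY_SIZE(ls_map); i++) {
        if (!(speeds & ls_map[i].mac_speed))
            continue;
        if (i >= ARRAY_SIZE(lp_map)) {  /* unchecked code would read past lp_map here */
            (*oob)++;
            continue;
        }
        modes |= 1u << lp_map[i].link_mode;  /* in bounds, but the wrong bit */
    }
    return modes;
}

/* After: the table that bounds the loop is also the one that is indexed. */
uint32_t eee_modes_right_map(uint32_t speeds)
{
    uint32_t modes = 0;

    for (size_t i = 0; i < ARRAY_SIZE(ls_map); i++)
        if (speeds & ls_map[i].mac_speed)
            modes |= 1u << ls_map[i].link_mode;
    return modes;
}
```
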

Remediation

Users can update to the latest version of the Linux kernel where this vulnerability has been fixed. The specific commit addressing this issue is available in the Linux kernel stable tree.

Added: Oct 1, 2025, 8:23 AM
Updated: Oct 1, 2025, 8:23 AM

Vulnerability Rating

Custom Algorithm

spread: 9.0
impact: 2.5
exploitability: 5.7
remediation: 7.7
relevance: 0.6
threat: 4.8
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.