Linux kernel
cpe:2.3:a:linux:linux_kernel:*:*:*:*:*:*:*
A vulnerability in the Linux kernel's i40e driver has been addressed, specifically in the function i40e_validate_queue_map(). The issue was related to improper validation of index values, which could lead to out-of-bounds access when iterating over virtual function (VF) channel arrays. The vulnerability affected several versions of the Linux kernel.
The vulnerability could lead to incorrect queue mapping validation, which might disrupt network traffic management for virtual functions using Intel's i40e driver.
The vulnerability can be reproduced by enabling Adaptive Queuing (ADq) on a virtual function (VF) and then manipulating the queue mapping. The i40e_validate_queue_map() function will be called, where the lack of proper index validation can be observed, potentially leading to out-of-bounds access.
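A simplified user-space model of the index check described above, added here as an illustration; it is not the i40e driver's code, and every name, size and sample value in it is constructed. It contrasts a queue-map walk that trusts the channel index derived from the bitmap with one that rejects any index beyond the configured channels.

```c
#include <stdint.h>
#include <stdio.h>

/* All names and sizes below are constructed for this model. */
#define MODEL_MAX_TC        4   /* slots in the per-VF channel array */
#define MODEL_QUEUES_PER_TC 4   /* queue bits covered by each slot   */
#define MODEL_MAP_BITS      (MODEL_MAX_TC * MODEL_QUEUES_PER_TC)

struct model_channel { uint16_t vsi_id; uint16_t num_qps; };
struct model_vf {
    unsigned num_tc;                      /* channels actually configured */
    struct model_channel ch[MODEL_MAX_TC];
};

/* Shared walk over the bitmap; check_idx selects whether the derived
 * channel index is validated against the configured channel count. */
static int walk_queue_map(const struct model_vf *vf, uint32_t map, int check_idx)
{
    if (map >> MODEL_MAP_BITS)
        return -1;                        /* bits outside the map width */
    for (unsigned bit = 0; bit < MODEL_MAP_BITS; bit++) {
        if (!(map & (1u << bit))) continue;
        unsigned idx = bit / MODEL_QUEUES_PER_TC;  /* derived from caller data */
        unsigned q   = bit % MODEL_QUEUES_PER_TC;
        if (check_idx && idx >= vf->num_tc)
            return -1;                    /* slot was never configured */
        if (q >= vf->ch[idx].num_qps)
            return -1;                    /* queue not owned by that channel */
    }
    return 0;
}

int validate_unchecked(const struct model_vf *vf, uint32_t map) { return walk_queue_map(vf, map, 0); }
int validate_checked(const struct model_vf *vf, uint32_t map)   { return walk_queue_map(vf, map, 1); }

/* Constructed VF: two configured channels, slot 2 holds stale data. */
struct model_vf sample_vf(void)
{
    struct model_vf vf = { .num_tc = 2, .ch = { {10, 4}, {11, 2}, {99, 4}, {0, 0} } };
    return vf;
}

int main(void)
{
    struct model_vf vf = sample_vf();
    uint32_t bad = 0x0100;                /* bit 8 maps to unconfigured slot 2 */
    printf("unchecked=%d checked=%d\n", validate_unchecked(&vf, bad), validate_checked(&vf, bad));
    return 0;
}
```

In this model the array is sized so the unchecked read stays inside the struct and the program remains runnable; the point is that only the checked walk refuses a map that refers to a channel the VF never configured.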
Users can upgrade to the latest version of the Linux kernel where this vulnerability has been fixed. Instructions for downloading the patched version are available on the official Linux kernel website.