Linux Kernel net/mlx5 Firmware Tracer Format String Validation Vulnerability

A vulnerability in the Linux kernel's firmware tracer for the Mellanox mlx5 driver has been addressed. This vulnerability involved the lack of validation for format string parameters received from device firmware, which could lead to crashes or undefined behavior. The firmware tracer uses these format strings to create trace messages, and without proper validation, malicious firmware could introduce strings with invalid specifiers that disrupt normal operation. The issue has been resolved by adding a validation function that ensures all format specifiers are limited to safe integer and hexadecimal formats. Invalid strings are now flagged and reported in the trace output.

Impact

Exploitation of this vulnerability could have led to crashes or other undefined behavior in the kernel's firmware tracing functionality.