Linux Kernel DMA FIFO Desynchronization Vulnerability in mlx5e Component

A vulnerability in the Linux kernel's mlx5e networking component can lead to a desynchronization of the DMA FIFO producer and consumer. This issue arises during the recovery process from a transmission error, where the consumer reads from the beginning of the FIFO while the producer writes at an outdated position. As a result, stale DMA addresses from before the recovery are improperly unmapped. The vulnerability affects several versions of the Linux kernel.

Impact

Exploitation of this vulnerability causes a warning related to improper DMA address unmapping, which can lead to issues with memory management and potentially allow for the misuse of stale DMA addresses.

Reproduction

The vulnerability can be reproduced by triggering a transmission error in the mlx5e component, which will initiate a recovery process. During this recovery, the DMA FIFO counters are improperly reset, causing a desynchronization between the producer and consumer. After the recovery, the producer writes at the old FIFO position while the consumer reads from the start, leading to the unmapping of stale DMA addresses.

Remediation

The vulnerability has been addressed in the Linux kernel. Users should upgrade to the latest version where this issue has been fixed.