What is the severity of CVE-2022-49429?

CVE-2022-49429 has a medium severity level due to its potential to cause system panic.

How does CVE-2022-49429 impact the Linux kernel?

CVE-2022-49429 causes a null pointer dereference and system panic when the hfi1 module is loaded without SDMA capability.

How do I fix CVE-2022-49429?

To mitigate CVE-2022-49429, ensure that the hfi1 module is not loaded with HFI1_CAP_SDMA off or update the Linux kernel to the latest patched version.

Which versions of the Linux kernel are affected by CVE-2022-49429?

CVE-2022-49429 affects certain versions of the Linux kernel that utilize the hfi1 module with SDMA capability disabled.

Is CVE-2022-49429 exploitable remotely?

CVE-2022-49429 is not considered remotely exploitable as it requires local privilege to trigger the panic.

Vulnerability/
CVE-2022-49429

26/2/2025

CVE-2022-49429: RDMA/hfi1: Prevent panic when SDMA is disabled

First published: Wed Feb 26 2025(Updated: )

In the Linux kernel, the following vulnerability has been resolved: RDMA/hfi1: Prevent panic when SDMA is disabled If the hfi1 module is loaded with HFI1_CAP_SDMA off, a call to hfi1_write_iter() will dereference a NULL pointer and panic. A typical stack frame is: sdma_select_user_engine [hfi1] hfi1_user_sdma_process_request [hfi1] hfi1_write_iter [hfi1] do_iter_readv_writev do_iter_write vfs_writev do_writev do_syscall_64 The fix is to test for SDMA in hfi1_write_iter() and fail the I/O with EINVAL.

Credit: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Affected Software	Affected Version	How to fix
Linux Kernel

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2022-49429?
CVE-2022-49429 has a medium severity level due to its potential to cause system panic.
How does CVE-2022-49429 impact the Linux kernel?
CVE-2022-49429 causes a null pointer dereference and system panic when the hfi1 module is loaded without SDMA capability.
How do I fix CVE-2022-49429?
To mitigate CVE-2022-49429, ensure that the hfi1 module is not loaded with HFI1_CAP_SDMA off or update the Linux kernel to the latest patched version.
Which versions of the Linux kernel are affected by CVE-2022-49429?
CVE-2022-49429 affects certain versions of the Linux kernel that utilize the hfi1 module with SDMA capability disabled.
Is CVE-2022-49429 exploitable remotely?
CVE-2022-49429 is not considered remotely exploitable as it requires local privilege to trigger the panic.

collector/mitre-cve
source/MITRE
collector/nvd-api
source/NVD
agent/first-publish-date
agent/type
agent/title
agent/references
agent/source
agent/author
agent/description
agent/event
agent/last-modified-date
agent/softwarecombine
agent/tags
agent/guess-ai
agent/software-canonical-lookup
vendor/linux foundation
canonical/linux kernel

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.