CVE-2022-48808: 
Linux Kernel vulnerability analysis and mitigation

CVE-2022-48808 is a vulnerability in the Linux kernel's Distributed Switch Architecture (DSA) subsystem that can cause a kernel panic when a DSA master device unbinds during system shutdown. The vulnerability was discovered in Linux kernel versions 5.15 through 5.15.155 and 5.16 through 5.16.10 (NVD).

The vulnerability occurs when a DSA master device (like dpaa2-eth) is up during system reboot. The deregistration of the master triggers a devclose() call, which sends a NETDEVGOINGDOWN notification to dsaslavenetdeviceevent(). However, since dsaswitchshutdown() has already run and unregistered the DSA slave interfaces, the NETDEVGOINGDOWN handler's attempt to call devclosemany() on those slave interfaces results in a kernel panic. The vulnerability has a CVSS v3.1 base score of 5.5 (Medium) with vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H (NVD, Kernel Patch).

When exploited, this vulnerability leads to a denial of service condition through a kernel panic during system shutdown. The impact is limited to local systems where an attacker has sufficient privileges to trigger the shutdown process (NVD).

The vulnerability has been fixed by modifying the shutdown process to avoid unregistering slave interfaces and instead resetting the master->dsa_ptr pointer to NULL after slaves stop being uppers of the DSA master. This change makes DSA ignore all future notifier events on the master. The fix is available in the kernel patch ee534378f00561207656663d93907583958339ae (Kernel Patch).