CVE-2022-49605: 
Linux Kernel vulnerability analysis and mitigation

CVE-2022-49605 affects the Linux kernel's Intel IGC (Intel Gigabit Controller) driver. The vulnerability was introduced when the IGC_REMOVED logic was removed from the driver code, which was originally designed to handle PCIe link flap or bus error conditions. The removal of this logic led to potential NULL pointer dereferences when a PCIe device becomes detached (Kernel Git).

The vulnerability stems from improper handling of MMIO (Memory-Mapped I/O) access in the igc driver. When a PCIe bus error occurs, the first access sets hw->hw_addr to NULL, but subsequent accesses continue to dereference this NULL pointer without proper checks. The issue affects the igc_rd32/wr32() MMIO accessors, which previously contained IGC_REMOVED checks that were removed based on the incorrect assumption that such checks were only needed for virtualization scenarios (Kernel Git).

When a PCIe link flap occurs on an IGC adapter, the system can experience NULL pointer dereferences, potentially leading to system crashes or denial of service conditions. This vulnerability affects systems running the Linux kernel with Intel IGC network adapters, even in non-virtualized environments (Kernel Git).

The issue has been fixed by reinstating the IGC_REMOVED checks in igc_rd32/wr32() functions and implementing the IGC_REMOVED macro properly. The fix implements IGC_REMOVED similar to the igb driver, checking for the unlikely case of hw_addr being NULL. Users should update to a patched kernel version that includes this fix (Kernel Git).