Can you explain this vulnerability to me?

This vulnerability occurs in the Linux kernel related to the octeontx2-af and PF drivers during a kexec reboot. Because the hardware is not power-cycled during kexec, the AF driver's state from the old kernel can persist into the new kernel.

When the AF and PF drivers are built as modules, the PF driver may start probing before the AF driver has reinitialized the hardware. The PF driver uses the RVUM block revision as an indicator that the AF driver has completed initialization.

If the RVUM block revision value is not cleared during shutdown, the PF driver may mistakenly assume the AF driver is ready and access stale hardware state, which can cause the PF driver to crash.

The fix involves clearing the RVUM block revision during AF shutdown to prevent the PF driver from misdetecting AF readiness after a kexec reboot.

Useful 0 Not Useful 0

How can this vulnerability impact me? :

This vulnerability can cause the PF driver to crash during a kexec reboot because it may access stale hardware state if it incorrectly assumes the AF driver has completed initialization.

Such crashes can lead to system instability or downtime during kernel reboots using kexec, potentially affecting system availability.

Useful 0 Not Useful 0

What immediate steps should I take to mitigate this vulnerability?

To mitigate this vulnerability, ensure that the Linux kernel version you are using includes the fix for the octeontx2-af PF driver crash during kexec kernel booting.

Specifically, the fix involves clearing the RVUM block revision during AF shutdown to prevent the PF driver from mis-detecting AF readiness and accessing stale hardware state.

Therefore, updating your kernel to a version that contains this patch is the immediate step to prevent crashes related to this issue.

Useful 0 Not Useful 0