CVE-2022-48788
N/A
N/A
Summary
In the Linux kernel, the following vulnerability has been resolved:
nvme-rdma: fix possible use-after-free in transport error_recovery work
While nvme_rdma_submit_async_event_work is checking the ctrl and queue state before preparing the AER command and scheduling io_work, in order to fully prevent a race where this check is not reliable the error recovery work must flush async_event_work before continuing to destroy the admin queue after setting the ctrl state to RESETTING such that there is no race .submit_async_event and the error recovery handler itself changing the ctrl state.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | 7110230719602852481c2793d054f866b2bf4a2b < 5593f72d1922403c11749532e3a0aa4cf61414e9 | affected |
| Linux | Linux | 7110230719602852481c2793d054f866b2bf4a2b < d411b2a5da68b8a130c23097014434ac140a2ace | affected |
| Linux | Linux | 7110230719602852481c2793d054f866b2bf4a2b < 324f5bdc52ecb6a6dadb31a62823ef8c709d1439 | affected |
| Linux | Linux | 7110230719602852481c2793d054f866b2bf4a2b < 646952b2210f19e584d2bf9eb5d092abdca2fcc1 | affected |
| Linux | Linux | 7110230719602852481c2793d054f866b2bf4a2b < ea86027ac467a055849c4945906f799e7f65ab99 | affected |
| Linux | Linux | 7110230719602852481c2793d054f866b2bf4a2b < b6bb1722f34bbdbabed27acdceaf585d300c5fd2 | affected |
| Linux | Linux | 4.8 | affected |
| Linux | Linux | 0 < 4.8 | unaffected |
| Linux | Linux | 4.19.231 <= 4.19.* | unaffected |
| Linux | Linux | 5.4.181 <= 5.4.* | unaffected |
| Linux | Linux | 5.10.102 <= 5.10.* | unaffected |
| Linux | Linux | 5.15.25 <= 5.15.* | unaffected |
| Linux | Linux | 5.16.11 <= 5.16.* | unaffected |
| Linux | Linux | 5.17 <= * | unaffected |
Weaknesses
ADP Enrichment
CVE Program Container
Additional References
- https://git.kernel.org/stable/c/5593f72d1922403c11749532e3a0aa4cf61414e9
- https://git.kernel.org/stable/c/d411b2a5da68b8a130c23097014434ac140a2ace
- https://git.kernel.org/stable/c/324f5bdc52ecb6a6dadb31a62823ef8c709d1439
- https://git.kernel.org/stable/c/646952b2210f19e584d2bf9eb5d092abdca2fcc1
- https://git.kernel.org/stable/c/ea86027ac467a055849c4945906f799e7f65ab99
- https://git.kernel.org/stable/c/b6bb1722f34bbdbabed27acdceaf585d300c5fd2
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
References
- https://git.kernel.org/stable/c/5593f72d1922403c11749532e3a0aa4cf61414e9
- https://git.kernel.org/stable/c/d411b2a5da68b8a130c23097014434ac140a2ace
- https://git.kernel.org/stable/c/324f5bdc52ecb6a6dadb31a62823ef8c709d1439
- https://git.kernel.org/stable/c/646952b2210f19e584d2bf9eb5d092abdca2fcc1
- https://git.kernel.org/stable/c/ea86027ac467a055849c4945906f799e7f65ab99
- https://git.kernel.org/stable/c/b6bb1722f34bbdbabed27acdceaf585d300c5fd2
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.