CVE-2022-48816
N/A
N/A
Summary
In the Linux kernel, the following vulnerability has been resolved:
SUNRPC: lock against ->sock changing during sysfs read
->sock can be set to NULL asynchronously unless ->recv_mutex is held. So it is important to hold that mutex. Otherwise a sysfs read can trigger an oops. Commit 17f09d3f619a ("SUNRPC: Check if the xprt is connected before handling sysfs reads") appears to attempt to fix this problem, but it only narrows the race window.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | a8482488a7d6d320f63a9ee1912dbb5ae5b80a61 < fdc42287ae3f8a35cc2098307f52d7864b4bc8ed | affected |
| Linux | Linux | a8482488a7d6d320f63a9ee1912dbb5ae5b80a61 < 9482ab4540f5bcc869b44c067ae99b5fca16bd07 | affected |
| Linux | Linux | a8482488a7d6d320f63a9ee1912dbb5ae5b80a61 < b49ea673e119f59c71645e2f65b3ccad857c90ee | affected |
| Linux | Linux | 21a2be1a5145d072deedc7cdc5b2d17380abea75 | affected |
| Linux | Linux | 77876473912d1bf1ed16bffa1674e5ff0f499f25 | affected |
| Linux | Linux | 5.10.67 < 5.11 | affected |
| Linux | Linux | 5.13.19 < 5.14 | affected |
| Linux | Linux | 5.14 | affected |
| Linux | Linux | 0 < 5.14 | unaffected |
| Linux | Linux | 5.15.209 <= 5.15.* | unaffected |
| Linux | Linux | 5.16.10 <= 5.16.* | unaffected |
| Linux | Linux | 5.17 <= * | unaffected |
Weaknesses
ADP Enrichment
CVE Program Container
Additional References
- https://git.kernel.org/stable/c/9482ab4540f5bcc869b44c067ae99b5fca16bd07
- https://git.kernel.org/stable/c/b49ea673e119f59c71645e2f65b3ccad857c90ee
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
References
- https://git.kernel.org/stable/c/fdc42287ae3f8a35cc2098307f52d7864b4bc8ed
- https://git.kernel.org/stable/c/9482ab4540f5bcc869b44c067ae99b5fca16bd07
- https://git.kernel.org/stable/c/b49ea673e119f59c71645e2f65b3ccad857c90ee
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.