CVE-2022-49694

Summary

In the Linux kernel, the following vulnerability has been resolved:

block: disable the elevator int del_gendisk

The elevator is only used for file system requests, which are stopped in del_gendisk. Move disabling the elevator and freeing the scheduler tags to the end of del_gendisk instead of doing that work in disk_release and blk_cleanup_queue to avoid a use after free on q->tag_set from disk_release as the tag_set might not be alive at that point.

Move the blk_qos_exit call as well, as it just depends on the elevator exit and would be the only reason to keep the not exactly cheap queue freeze in disk_release.

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxe155b0c238b20f0a866f4334d292656665836c8a < f28699fafc047ec33299da01e928c3a0073c5cc6affected
LinuxLinuxe155b0c238b20f0a866f4334d292656665836c8a < 50e34d78815e474d410f342fbe783b18192ca518affected
LinuxLinux5.16affected
LinuxLinux0 < 5.16unaffected
LinuxLinux5.18.8 <= 5.18.*unaffected
LinuxLinux5.19 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References