CVE-2022-49768

Summary

In the Linux kernel, the following vulnerability has been resolved:

9p: trans_fd/p9_conn_cancel: drop client lock earlier

syzbot reported a double-lock here and we no longer need this lock after requests have been moved off to local list: just drop the lock earlier.

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxeb1ca07f4343b4e58b97e792a85d5ba1ba103f5d < 82825dbf393f7c7979d462f9609a15bde8092b3faffected
LinuxLinux4cd195263e420311d31451cc053fde8037f326f1 < e3031280fe4eaf61a09e60823331f81f321be8e1affected
LinuxLinux9f476d7c540cb57556d3cc7e78704e6cd5100f5f < fec1406f5e7ab20b71f6d231792b0040e3300aafaffected
LinuxLinux9f476d7c540cb57556d3cc7e78704e6cd5100f5f < 96760723aae1b45f733f702abb4333137143909faffected
LinuxLinux9f476d7c540cb57556d3cc7e78704e6cd5100f5f < f14858bc77c567e089965962877ee726ffad0556affected
LinuxLinux9f476d7c540cb57556d3cc7e78704e6cd5100f5f < a4f1a01b2e81378fce9ca528d4d8a049e4b58fcdaffected
LinuxLinux9f476d7c540cb57556d3cc7e78704e6cd5100f5f < 612c977f5d481f551d03d83d0aef588845c1300caffected
LinuxLinux9f476d7c540cb57556d3cc7e78704e6cd5100f5f < 52f1c45dde9136f964d63a77d19826c8a74e2c7faffected
LinuxLinux91ca7c5644c370dc5132b1db1aea81416a4b2181affected
LinuxLinux4.9.127 < 4.9.334affected
LinuxLinux4.14.70 < 4.14.300affected
LinuxLinux4.18.8 < 4.19affected
LinuxLinux4.19affected
LinuxLinux0 < 4.19unaffected
LinuxLinux4.9.334 <= 4.9.*unaffected
LinuxLinux4.14.300 <= 4.14.*unaffected
LinuxLinux4.19.267 <= 4.19.*unaffected
LinuxLinux5.4.225 <= 5.4.*unaffected
LinuxLinux5.10.156 <= 5.10.*unaffected
LinuxLinux5.15.80 <= 5.15.*unaffected
LinuxLinux6.0.10 <= 6.0.*unaffected
LinuxLinux6.1 <= *unaffected

Weaknesses

References