CVE-2022-49786

Summary

In the Linux kernel, the following vulnerability has been resolved:

blk-cgroup: properly pin the parent in blkcg_css_online

blkcg_css_online is supposed to pin the blkcg of the parent, but 397c9f46ee4d refactored things and along the way, changed it to pin the css instead. This results in extra pins, and we end up leaking blkcgs and cgroups.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux397c9f46ee4d99024c64954b007c1b5762d01cb4 < d118247e404d6338f7b90636a3c6b95a387ed163affected
LinuxLinux397c9f46ee4d99024c64954b007c1b5762d01cb4 < d7dbd43f4a828fa1d9a8614d5b0ac40aee6375feaffected
LinuxLinux5.19affected
LinuxLinux0 < 5.19unaffected
LinuxLinux6.0.10 <= 6.0.*unaffected
LinuxLinux6.1 <= *unaffected

Weaknesses

References