CVE-2022-50028

Summary

In the Linux kernel, the following vulnerability has been resolved:

gadgetfs: ep_io - wait until IRQ finishes

after usb_ep_queue() if wait_for_completion_interruptible() is interrupted we need to wait until IRQ gets finished.

Otherwise complete() from epio_complete() can corrupt stack.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 67a4874461422e633236a0286a01b483cd647113affected
LinuxLinux1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 118d967ce00a3d128bf731b35e4e2cb0facf5f00affected
LinuxLinux1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 77040efe59a141286d090c8a0d37c65a355a1832affected
LinuxLinux1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < ca06b4cde54f8ec8be3aa53fd339bd56e62c12b3affected
LinuxLinux1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 9ac14f973cb91f0c01776517e6d50981f32b8038affected
LinuxLinux1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 94aadba8d000d5de56af4ce8da3f334f21bf7a79affected
LinuxLinux1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 2b06d5d97c0e067108a122986767731d40742138affected
LinuxLinux1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 04cb742d4d8f30dc2e83b46ac317eec09191c68eaffected
LinuxLinux2.6.12affected
LinuxLinux0 < 2.6.12unaffected
LinuxLinux4.9.326 <= 4.9.*unaffected
LinuxLinux4.14.291 <= 4.14.*unaffected
LinuxLinux4.19.256 <= 4.19.*unaffected
LinuxLinux5.4.211 <= 5.4.*unaffected
LinuxLinux5.10.138 <= 5.10.*unaffected
LinuxLinux5.15.63 <= 5.15.*unaffected
LinuxLinux5.19.4 <= 5.19.*unaffected
LinuxLinux6.0 <= *unaffected

Weaknesses

References