CVE-2022-50496

Summary

In the Linux kernel, the following vulnerability has been resolved:

dm cache: Fix UAF in destroy()

Dm_cache also has the same UAF problem when dm_resume() and dm_destroy() are concurrent.

Therefore, cancelling timer again in destroy().

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxc6b4fcbad044e6fffcc75bba160e720eb8d67d17 < 034cbc8d3b47a56acd89453c29632a9c117de09daffected
LinuxLinuxc6b4fcbad044e6fffcc75bba160e720eb8d67d17 < 993406104d2b28fe470126a062ad37a1e21e792eaffected
LinuxLinuxc6b4fcbad044e6fffcc75bba160e720eb8d67d17 < 4d20032dd90664de09f2902a7ea49ae2f7771746affected
LinuxLinuxc6b4fcbad044e6fffcc75bba160e720eb8d67d17 < 2f097dfac7579fd84ff98eb1d3acd41d53a485f3affected
LinuxLinuxc6b4fcbad044e6fffcc75bba160e720eb8d67d17 < 2b17026685a270b2beaf1cdd9857fcedd3505c7eaffected
LinuxLinuxc6b4fcbad044e6fffcc75bba160e720eb8d67d17 < d2a0b298ebf83ab6236f66788a3541e91ce75a70affected
LinuxLinuxc6b4fcbad044e6fffcc75bba160e720eb8d67d17 < 6ac4f36910764cb510bafc4c3768544f86ca48caaffected
LinuxLinuxc6b4fcbad044e6fffcc75bba160e720eb8d67d17 < 6a3e412c2ab131c54945327a7676b006f000a209affected
LinuxLinuxc6b4fcbad044e6fffcc75bba160e720eb8d67d17 < 6a459d8edbdbe7b24db42a5a9f21e6aa9e00c2aaaffected
LinuxLinux3.9affected
LinuxLinux0 < 3.9unaffected
LinuxLinux4.9.337 <= 4.9.*unaffected
LinuxLinux4.14.303 <= 4.14.*unaffected
LinuxLinux4.19.270 <= 4.19.*unaffected
LinuxLinux5.4.229 <= 5.4.*unaffected
LinuxLinux5.10.163 <= 5.10.*unaffected
LinuxLinux5.15.87 <= 5.15.*unaffected
LinuxLinux6.0.18 <= 6.0.*unaffected
LinuxLinux6.1.4 <= 6.1.*unaffected
LinuxLinux6.2 <= *unaffected

Weaknesses

References