CVE-2022-50889

Summary

In the Linux kernel, the following vulnerability has been resolved:

dm integrity: Fix UAF in dm_integrity_dtr()

Dm_integrity also has the same UAF problem when dm_resume() and dm_destroy() are concurrent.

Therefore, cancelling timer again in dm_integrity_dtr().

Affected Software

VendorProductVersion RangeStatus
LinuxLinux7eada909bfd7ac90a4522e56aa3179d1fd68cd14 < 792e51aac376cfb5bd527c2a30826223b82dd177affected
LinuxLinux7eada909bfd7ac90a4522e56aa3179d1fd68cd14 < a506b5c92757b034034ef683e667bffc456c600baffected
LinuxLinux7eada909bfd7ac90a4522e56aa3179d1fd68cd14 < 9215b25f2e105032114e9b92c9783a2a84ee8af9affected
LinuxLinux7eada909bfd7ac90a4522e56aa3179d1fd68cd14 < 9f8e1e54a3a424c6c4fb8742e094789d3ec91e42affected
LinuxLinux7eada909bfd7ac90a4522e56aa3179d1fd68cd14 < b6c93cd61afab061d80cc842333abca97b289774affected
LinuxLinux7eada909bfd7ac90a4522e56aa3179d1fd68cd14 < f50cb2cbabd6c4a60add93d72451728f86e4791caffected
LinuxLinux4.12affected
LinuxLinux0 < 4.12unaffected
LinuxLinux5.4.229 <= 5.4.*unaffected
LinuxLinux5.10.163 <= 5.10.*unaffected
LinuxLinux5.15.87 <= 5.15.*unaffected
LinuxLinux6.0.18 <= 6.0.*unaffected
LinuxLinux6.1.4 <= 6.1.*unaffected
LinuxLinux6.2 <= *unaffected

Weaknesses

References