History: May 03, 2024 - 3:15 p.m.

CVE-2022-48671

2024-05-03 15:15:07
CWE-667
416baaa9-dc9f-4396-8d5f-8c081fb06d67
web.nvd.nist.gov
linux kernel
vulnerability
resolved
cgroup
cpus_read_lock
syzbot
warning
commit
deadlock
nvd

CVSS3: 5.5 Medium

Attack Vector: LOCAL
Attack Complexity: LOW
Privileges Required: LOW
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: NONE
Integrity Impact: NONE
Availability Impact: HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

AI Score: 6.5 Medium (Confidence: Low)

EPSS: 0.0004 Low (Percentile: 5.1%)

In the Linux kernel, the following vulnerability has been resolved:

cgroup: Add missing cpus_read_lock() to cgroup_attach_task_all()

syzbot is hitting percpu_rwsem_assert_held(&cpu_hotplug_lock) warning at
cpuset_attach() [1], for commit 4f7e7236435ca0ab (“cgroup: Fix
threadgroup_rwsem <-> cpus_read_lock() deadlock”) missed that
cpuset_attach() is also called from cgroup_attach_task_all().
Add cpus_read_lock() like what cgroup_procs_write_start() does.

Affected configurations

Node:
linux linux_kernel, range 5.4.213 to 5.4.215
OR
linux linux_kernel, range 5.10.143 to 5.10.145
OR
linux linux_kernel, range 5.15.68 to 5.15.70
OR
linux linux_kernel, range 5.19.9 to 5.19.11

Vendor    Product         Version    CPE
linux     linux_kernel    *          cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

CNA Affected

[
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "unaffected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "kernel/cgroup/cgroup-v1.c"
    ],
    "versions": [
      {
        "version": "e446300968c6",
        "lessThan": "321488cfac7d",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "59c6902a96b4",
        "lessThan": "07191f984842",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "dee1e2b18cf5",
        "lessThan": "9f267393b036",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "3bf4bf54069f",
        "lessThan": "5db17805b6ba",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "c0deb027c99c",
        "lessThan": "99bc25748e39",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "4f7e7236435c",
        "lessThan": "43626dade36f",
        "status": "affected",
        "versionType": "git"
      }
    ]
  },
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "unaffected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "kernel/cgroup/cgroup-v1.c"
    ],
    "versions": [
      {
        "version": "5.4.213",
        "lessThan": "5.4.215",
        "status": "affected",
        "versionType": "custom"
      },
      {
        "version": "5.10.143",
        "lessThan": "5.10.145",
        "status": "affected",
        "versionType": "custom"
      },
      {
        "version": "5.15.68",
        "lessThan": "5.15.70",
        "status": "affected",
        "versionType": "custom"
      },
      {
        "version": "5.19.9",
        "lessThan": "5.19.11",
        "status": "affected",
        "versionType": "custom"
      }
    ]
  }
]
