CVE-2022-48799

2024-07-1612:15:04

Linux

web.nvd.nist.gov

linux kernel vulnerability

perf_cgroup_switch

list corruption fix

AI Score

6.7

Confidence

High

EPSS

Percentile

10.6%

JSON

In the Linux kernel, the following vulnerability has been resolved:

perf: Fix list corruption in perf_cgroup_switch()

There’s list corruption on cgrp_cpuctx_list. This happens on the
following path:

perf_cgroup_switch: list_for_each_entry(cgrp_cpuctx_list)
cpu_ctx_sched_in
ctx_sched_in
ctx_pinned_sched_in
merge_sched_in
perf_cgroup_event_disable: remove the event from the list

Use list_for_each_entry_safe() to allow removing an entry during
iteration.

Affected configurations

Vulners

Node

linuxlinux_kernelRange4.11–4.14.267

linuxlinux_kernelRange4.15.0–4.19.230

linuxlinux_kernelRange4.20.0–5.4.180

linuxlinux_kernelRange5.5.0–5.10.101

linuxlinux_kernelRange5.11.0–5.15.24

linuxlinux_kernelRange5.16.0–5.16.10

linuxlinux_kernelRange5.17.0≥

VendorProductVersionCPE
linuxlinux_kernel*cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
linux	linux_kernel	*	cpe:2.3:o:linux:linux_kernel::::::::

CNA Affected

[
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "unaffected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "kernel/events/core.c"
    ],
    "versions": [
      {
        "version": "058fe1c0440e",
        "lessThan": "5d76ed422340",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "058fe1c0440e",
        "lessThan": "30d9f3cbe47e",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "058fe1c0440e",
        "lessThan": "a2ed7b29d067",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "058fe1c0440e",
        "lessThan": "f6b5d51976fc",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "058fe1c0440e",
        "lessThan": "7969fe91c983",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "058fe1c0440e",
        "lessThan": "2142bc1469a3",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "058fe1c0440e",
        "lessThan": "5f4e5ce638e6",
        "status": "affected",
        "versionType": "git"
      }
    ]
  },
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "affected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "kernel/events/core.c"
    ],
    "versions": [
      {
        "version": "4.11",
        "status": "affected"
      },
      {
        "version": "0",
        "lessThan": "4.11",
        "status": "unaffected",
        "versionType": "custom"
      },
      {
        "version": "4.14.267",
        "lessThanOrEqual": "4.14.*",
        "status": "unaffected",
        "versionType": "custom"
      },
      {
        "version": "4.19.230",
        "lessThanOrEqual": "4.19.*",
        "status": "unaffected",
        "versionType": "custom"
      },
      {
        "version": "5.4.180",
        "lessThanOrEqual": "5.4.*",
        "status": "unaffected",
        "versionType": "custom"
      },
      {
        "version": "5.10.101",
        "lessThanOrEqual": "5.10.*",
        "status": "unaffected",
        "versionType": "custom"
      },
      {
        "version": "5.15.24",
        "lessThanOrEqual": "5.15.*",
        "status": "unaffected",
        "versionType": "custom"
      },
      {
        "version": "5.16.10",
        "lessThanOrEqual": "5.16.*",
        "status": "unaffected",
        "versionType": "custom"
      },
      {
        "version": "5.17",
        "lessThanOrEqual": "*",
        "status": "unaffected",
        "versionType": "original_commit_for_fix"
      }
    ]
  }
]