nvd 416baaa9-dc9f-4396-8d5f-8c081fb06d67 NVD:CVE-2022-48931
History: Aug 22, 2024 - 4:15 a.m.

CVE-2022-48931

2024-08-22 04:15:16
CWE-362
416baaa9-dc9f-4396-8d5f-8c081fb06d67
web.nvd.nist.gov
Tags: linux kernel, configfs, race condition, fix, vulnerability, mutex

CVSS3: 4.7

Attack Vector: LOCAL
Attack Complexity: HIGH
Privileges Required: LOW
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: NONE
Integrity Impact: NONE
Availability Impact: HIGH

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

EPSS: 0
Percentile: 5.0%

In the Linux kernel, the following vulnerability has been resolved:

configfs: fix a race in configfs_{,un}register_subsystem()

When configfs_register_subsystem() or configfs_unregister_subsystem()
is executing link_group() or unlink_group(),
it is possible that two processes add or delete list concurrently.
Some unfortunate interleavings of them can cause kernel panic.

One of the cases is:
A --> B --> C --> D
A <-- B <-- C <-- D

     delete list_head *B        |      delete list_head *C
--------------------------------|-----------------------------------
configfs_unregister_subsystem   |   configfs_unregister_subsystem
  unlink_group                  |     unlink_group
    unlink_obj                  |       unlink_obj
      list_del_init             |         list_del_init
        __list_del_entry        |           __list_del_entry
          __list_del            |             __list_del
            // next == C        |
            next->prev = prev   |
                                |               next->prev = prev
            prev->next = next   |
                                |               // prev == B
                                |               prev->next = next

Fix this by adding mutex when calling link_group() or unlink_group(),
but parent configfs_subsystem is NULL when config_item is root.
So I create a mutex configfs_subsystem_mutex.
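
The interleaving above, replayed deterministically in userspace C as an added example (not kernel code and not part of the CVE record). The names struct del_op, run() and list_ok() are hypothetical, and the four-node list is constructed for the demo.

```c
#include <stdio.h>

/* Userspace stand-in for the kernel's struct list_head (constructed for this demo). */
struct list_head { struct list_head *next, *prev; };

/* Hypothetical helper: one in-flight __list_del(prev, next), neighbours sampled on entry. */
struct del_op { struct list_head *entry, *prev, *next; };
static struct del_op del_begin(struct list_head *e) { return (struct del_op){ e, e->prev, e->next }; }
static void del_fix_prev(struct del_op *op) { op->next->prev = op->prev; }
static void del_fix_next(struct del_op *op) { op->prev->next = op->next; }
/* INIT_LIST_HEAD() half of list_del_init(): the removed entry points at itself. */
static void del_init(struct del_op *op) { op->entry->next = op->entry->prev = op->entry; }

/* Build the circular list A <-> B <-> C <-> D in n[0..3], then remove B and C.
 * interleaved != 0: replay the schedule from the description, no lock held.
 * interleaved == 0: each removal completes before the next starts (one mutex held). */
void run(int interleaved, struct list_head n[4])
{
    for (int i = 0; i < 4; i++) {
        n[i].next = &n[(i + 1) % 4];
        n[i].prev = &n[(i + 3) % 4];
    }
    if (interleaved) {
        struct del_op b = del_begin(&n[1]), c = del_begin(&n[2]);
        del_fix_prev(&b);   /* C->prev = A */
        del_fix_prev(&c);   /* D->prev = B */
        del_fix_next(&b);   /* A->next = C */
        del_fix_next(&c);   /* B->next = D */
        del_init(&b); del_init(&c);
    } else {
        struct del_op b = del_begin(&n[1]);
        del_fix_prev(&b); del_fix_next(&b); del_init(&b);
        struct del_op c = del_begin(&n[2]);   /* now samples prev == A */
        del_fix_prev(&c); del_fix_next(&c); del_init(&c);
    }
}

/* The list is intact only if A and D are each other's neighbours. */
int list_ok(struct list_head n[4]) { return n[0].next == &n[3] && n[3].prev == &n[0]; }

int main(void)
{
    struct list_head n[4];
    run(1, n); printf("interleaved: %s\n", list_ok(n) ? "ok" : "corrupt");
    run(0, n); printf("serialized:  %s\n", list_ok(n) ? "ok" : "corrupt");
    return 0;
}
```

After the interleaved run, A->next points at the removed entry C and D->prev at the removed entry B, so a walk from A lands on an unlinked node. The serialized run leaves A and D correctly linked.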

Affected configurations

Nvd
Node
linux  linux_kernel  Range 2.6.16 - 4.9.304
OR
linux  linux_kernel  Range 4.10 - 4.14.269
OR
linux  linux_kernel  Range 4.15 - 4.19.232
OR
linux  linux_kernel  Range 4.20 - 5.4.182
OR
linux  linux_kernel  Range 5.5 - 5.10.103
OR
linux  linux_kernel  Range 5.11 - 5.15.26
OR
linux  linux_kernel  Range 5.16 - 5.16.12

Vendor  Product       Version  CPE
linux   linux_kernel  *        cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
