CVE-2022-49751 in Linux
Summary
by MITRE • 03/27/2025
In the Linux kernel, the following vulnerability has been resolved:
w1: fix WARNING after calling w1_process()
I got the following WARNING message while removing the driver (ds2482):
------------[ cut here ]------------
do not call blocking ops when !TASK_RUNNING; state=1 set at [] w1_process+0x9e/0x1d0 [wire]
WARNING: CPU: 0 PID: 262 at kernel/sched/core.c:9817 __might_sleep+0x98/0xa0
CPU: 0 PID: 262 Comm: w1_bus_master1 Tainted: G N 6.1.0-rc3+ #307
RIP: 0010:__might_sleep+0x98/0xa0
Call Trace:
 exit_signals+0x6c/0x550
 do_exit+0x2b4/0x17e0
 kthread_exit+0x52/0x60
 kthread+0x16d/0x1e0
 ret_from_fork+0x1f/0x30
The state of the task is set to TASK_INTERRUPTIBLE in the loop in w1_process(); set it to TASK_RUNNING when it breaks out of the loop to avoid the warning.
Analysis
by VulDB Data Team • 12/06/2025
The vulnerability described in CVE-2022-49751 represents a critical scheduling issue within the Linux kernel's 1-Wire subsystem, specifically affecting the w1_process() function implementation. This flaw manifests as a WARNING message during driver removal operations, particularly when handling the ds2482 driver, indicating a fundamental misunderstanding of kernel task state management. The warning occurs when the kernel attempts to execute blocking operations while a task is in an inappropriate state, creating a potential instability condition that could compromise system integrity.
The technical root cause of this vulnerability lies in improper task state management within the w1_process() function where the kernel scheduler's __might_sleep() function detects an invalid state transition. The kernel's task state machine operates under strict constraints where certain operations can only be performed when a task is in TASK_RUNNING state, yet the w1_process() function sets the task to TASK_INTERRUPTIBLE within a loop structure without properly transitioning back to TASK_RUNNING when exiting the loop. This creates a scenario where blocking operations are invoked while the task maintains an invalid state, triggering the kernel's built-in safety mechanisms that prevent such operations from proceeding.
This vulnerability directly relates to CWE-681 and CWE-362 within the Common Weakness Enumeration framework, representing incorrect use of a resource and a race condition, respectively. The flaw demonstrates poor understanding of kernel scheduling primitives and how blocking operations must be coordinated with task state transitions. From an operational security perspective, this vulnerability could enable denial of service conditions or potentially allow privilege escalation attacks if exploited by malicious actors who understand how to manipulate the task state transitions to trigger additional kernel instability. The specific call trace indicates the issue originates from the kthread_exit and kthread functions, suggesting the problem affects the kernel threads that manage 1-Wire bus operations.
The impact of this vulnerability extends beyond simple warning messages to potentially destabilizing the entire kernel subsystem responsible for 1-Wire communication protocols. When the ds2482 driver is removed from memory, the improper state management can cause the kernel to panic or enter an inconsistent state where subsequent 1-Wire operations fail or behave unpredictably. This affects systems that rely on 1-Wire devices for temperature monitoring, data logging, or embedded system communication, particularly in industrial environments where such stability is critical. The ATT&CK framework categorizes this as a system service interruption, potentially enabling adversaries to disrupt legitimate system operations through careful exploitation of the scheduling state management flaw.
Mitigation strategies for CVE-2022-49751 require immediate kernel updates from vendors that include the specific fix implemented in the 1-Wire subsystem. The fix involves modifying the w1_process() function to properly transition task state from TASK_INTERRUPTIBLE back to TASK_RUNNING before exiting the processing loop, thereby ensuring that blocking operations are only invoked when the kernel scheduler permits such operations. System administrators should prioritize applying kernel patches that address this specific issue, particularly in environments where 1-Wire devices are actively used. Additionally, monitoring for WARNING messages related to w1_process() and kernel task state transitions should be implemented as part of routine system health checks, as these messages may indicate the presence of other related vulnerabilities or improper driver management within the kernel's device subsystem.
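The task-state mistake described in the root-cause paragraph, and the one-line fix described in the mitigation paragraph, can be reproduced in a small user-space model. The block below is an added example, not kernel code and not the w1 driver's own source: set_current_state(), kthread_should_stop(), schedule_timeout(), might_sleep() and the exit path are simplified stand-ins that track only the scheduler state the bug depends on, and the timing of the driver removal (a stop request arriving during the thread's first sleep) is a constructed assumption. It shows why the "set state, re-check stop condition, then sleep" loop shape leaves the thread in TASK_INTERRUPTIBLE when it breaks out before sleeping, and why restoring TASK_RUNNING before the break silences the __might_sleep() warning seen in the trace.

```c
#include <stdbool.h>
#include <stdio.h>

/* Scheduler states for the two the bug involves. The values are the
 * model's own, not the kernel's bit definitions. */
#define TASK_RUNNING       0
#define TASK_INTERRUPTIBLE 1

/* Model of the kernel thread's task_struct plus the stop flag that
 * kthread_stop() sets when the driver is removed. */
struct task {
    int  state;          /* current scheduler state */
    bool stop_requested; /* set once the remove path asks the thread to exit */
    int  sleeps_left;    /* constructed: sleeps that happen before removal */
    int  warnings;       /* how often the might_sleep() check fired */
};

/* Stand-in for __set_current_state(). */
static void set_current_state(struct task *t, int state)
{
    t->state = state;
}

/* Stand-in for kthread_should_stop(). */
static bool kthread_should_stop(const struct task *t)
{
    return t->stop_requested;
}

/* Stand-in for schedule_timeout(): the task sleeps, is woken by the
 * timeout or by kthread_stop(), and a woken task is TASK_RUNNING again.
 * In this model the driver removal happens while the thread sleeps. */
static void schedule_timeout(struct task *t)
{
    if (--t->sleeps_left <= 0)
        t->stop_requested = true;   /* kthread_stop() from driver removal */
    t->state = TASK_RUNNING;
}

/* Stand-in for __might_sleep(): the check that printed the WARNING in
 * the trace (do_exit -> exit_signals -> __might_sleep). */
static void might_sleep(struct task *t)
{
    if (t->state != TASK_RUNNING)
        t->warnings++;  /* "do not call blocking ops when !TASK_RUNNING" */
}

/* Stand-in for the path a kernel thread takes once its function returns:
 * kthread() -> kthread_exit() -> do_exit() -> exit_signals(). */
static void kthread_exit_path(struct task *t)
{
    might_sleep(t);
}

/* The loop shape of w1_process(): set TASK_INTERRUPTIBLE, re-check the
 * stop condition, then sleep. Breaking out between the state change and
 * the sleep is the vulnerable path; `fixed` applies the fix of restoring
 * TASK_RUNNING before the break. Returns the number of might_sleep()
 * warnings raised on the way out (1 unfixed, 0 fixed). */
static int run_w1_thread(bool fixed)
{
    struct task t = { TASK_RUNNING, false, 1, 0 };

    for (;;) {
        /* ... bus work and callback processing would run here ... */
        set_current_state(&t, TASK_INTERRUPTIBLE);
        if (kthread_should_stop(&t)) {
            if (fixed)
                set_current_state(&t, TASK_RUNNING);
            break;  /* unfixed: leaves the loop still TASK_INTERRUPTIBLE */
        }
        schedule_timeout(&t);
    }

    kthread_exit_path(&t);
    return t.warnings;
}

int main(void)
{
    printf("unfixed w1_process: %d warning(s)\n", run_w1_thread(false));
    printf("fixed   w1_process: %d warning(s)\n", run_w1_thread(true));
    return 0;
}
```

The model makes the ordering explicit: the stop request arrives while the thread is asleep, so the next pass through the loop sees kthread_should_stop() true only after the state has already been changed to TASK_INTERRUPTIBLE, and nothing between that point and the thread's exit path sets it back unless the break does so itself.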