CVE-2022-49931 in Linuxinfo

Zusammenfassung

von MITRE • 01.05.2025

In the Linux kernel, the following vulnerability has been resolved:

IB/hfi1: Correctly move list in sc_disable()

Commit 13bac861952a ("IB/hfi1: Fix abba locking issue with sc_disable()") incorrectly tries to move a list from one list head to another. The result is a kernel crash.

The crash is triggered when a link goes down and there are waiters for a send to complete. The following signature is seen:

BUG: kernel NULL pointer dereference, address: 0000000000000030 [...]
Call Trace: sc_disable+0x1ba/0x240 [hfi1]
pio_freeze+0x3d/0x60 [hfi1]
handle_freeze+0x27/0x1b0 [hfi1]
process_one_work+0x1b0/0x380 ? process_one_work+0x380/0x380 worker_thread+0x30/0x360 ? process_one_work+0x380/0x380 kthread+0xd7/0x100 ? kthread_complete_and_exit+0x20/0x20 ret_from_fork+0x1f/0x30

The fix is to use the correct call to move the list.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

Zuständig

Linux

Reservieren

01.05.2025

Veröffentlichung

01.05.2025

Moderieren

akzeptiert

Eintrag

VDB-307053

CPE

bereit

EPSS

0.00154

KEV

nein

Aktivitäten

very low

Quellen

Do you want to use VulDB in your project?

Use the official API to access entries easily!