CVE-2022-48671

May 3, 2024, 3:32 p.m.

None
No Score

Description

In the Linux kernel, the following vulnerability has been resolved: cgroup: Add missing cpus_read_lock() to cgroup_attach_task_all() syzbot is hitting percpu_rwsem_assert_held(&cpu_hotplug_lock) warning at cpuset_attach() [1], for commit 4f7e7236435ca0ab ("cgroup: Fix threadgroup_rwsem <-> cpus_read_lock() deadlock") missed that cpuset_attach() is also called from cgroup_attach_task_all(). Add cpus_read_lock() like what cgroup_procs_write_start() does.

Product(s) Impacted

Product Versions
Linux kernel

Weaknesses

Common security weaknesses mapped to this vulnerability.

References

https://git.kernel.org/stable/c/07191f984842d50020789ff14c75da436a7f46a9
https://git.kernel.org/stable/c/321488cfac7d0eb6d97de467015ff754f85813ff
https://git.kernel.org/stable/c/43626dade36fa74d3329046f4ae2d7fdefe401c6
https://git.kernel.org/stable/c/5db17805b6ba4c34dab303f49aea3562fc25af75
https://git.kernel.org/stable/c/99bc25748e394d17f9e8b10cc7f273b8e64c1c7e
https://git.kernel.org/stable/c/9f267393b036f1470fb12fb892d59e7ff8aeb58d

Tags

416baaa9-dc9f-4396-8d5f-8c081fb06d67
2024-05-03
CVE-2022-48671

Timeline

Published: May 3, 2024, 3:15 p.m.
Last Modified: May 3, 2024, 3:32 p.m.

Status : Awaiting Analysis

CVE has been marked for Analysis. Normally once in this state the CVE will be analyzed by NVD staff within 24 hours.

More info

Source

416baaa9-dc9f-4396-8d5f-8c081fb06d67

*Disclaimer: Some vulnerabilities do not have an associated CPE. To enhance the data, we use AI to infer CPEs based on CVE details. This is an automated process and might not always be accurate.