fkie_cve-2022-49655
Vulnerability from fkie_nvd
Published
2025-02-26 07:01
Modified
2025-02-26 07:01
Severity ?
Summary
In the Linux kernel, the following vulnerability has been resolved: fscache: Fix invalidation/lookup race If an NFS file is opened for writing and closed, fscache_invalidate() will be asked to invalidate the file - however, if the cookie is in the LOOKING_UP state (or the CREATING state), then request to invalidate doesn't get recorded for fscache_cookie_state_machine() to do something with. Fix this by making __fscache_invalidate() set a flag if it sees the cookie is in the LOOKING_UP state to indicate that we need to go to invalidation. Note that this requires a count on the n_accesses counter for the state machine, which that will release when it's done. fscache_cookie_state_machine() then shifts to the INVALIDATING state if it sees the flag. Without this, an nfs file can get corrupted if it gets modified locally and then read locally as the cache contents may not get updated.
References
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/85e4ea1049c70fb99de5c6057e835d151fb647da
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/b1ae9f617f8a5c848d9205b8e228c6f0d1af754b
Impacted products
Vendor Product Version


To clipboard 

{
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nfscache: Fix invalidation/lookup race\n\nIf an NFS file is opened for writing and closed, fscache_invalidate() will\nbe asked to invalidate the file - however, if the cookie is in the\nLOOKING_UP state (or the CREATING state), then request to invalidate\ndoesn\u0027t get recorded for fscache_cookie_state_machine() to do something\nwith.\n\nFix this by making __fscache_invalidate() set a flag if it sees the cookie\nis in the LOOKING_UP state to indicate that we need to go to invalidation.\nNote that this requires a count on the n_accesses counter for the state\nmachine, which that will release when it\u0027s done.\n\nfscache_cookie_state_machine() then shifts to the INVALIDATING state if it\nsees the flag.\n\nWithout this, an nfs file can get corrupted if it gets modified locally and\nthen read locally as the cache contents may not get updated."
    },
    {
      "lang": "es",
      "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: fscache: Corregir ejecuci\u00f3n de invalidaci\u00f3n/b\u00fasqueda Si se abre un archivo NFS para escritura y se cierra, se le solicitar\u00e1 a fscache_invalidate() que invalide el archivo; sin embargo, si la cookie est\u00e1 en el estado LOOKING_UP (o el estado CREATING), entonces la solicitud de invalidaci\u00f3n no se registra para que fscache_cookie_state_machine() haga algo con ella. Solucione esto haciendo que __fscache_invalidate() establezca una bandera si ve que la cookie est\u00e1 en el estado LOOKING_UP para indicar que debemos ir a la invalidaci\u00f3n. Tenga en cuenta que esto requiere un recuento en el contador n_accesses para la m\u00e1quina de estado, que se liberar\u00e1 cuando haya terminado. fscache_cookie_state_machine() luego cambia al estado INVALIDATING si ve la bandera. Sin esto, un archivo nfs puede da\u00f1arse si se modifica localmente y luego se lee localmente, ya que el contenido de la memoria cach\u00e9 podr\u00eda no actualizarse."
    }
  ],
  "id": "CVE-2022-49655",
  "lastModified": "2025-02-26T07:01:40.600",
  "metrics": {},
  "published": "2025-02-26T07:01:40.600",
  "references": [
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/85e4ea1049c70fb99de5c6057e835d151fb647da"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/b1ae9f617f8a5c848d9205b8e228c6f0d1af754b"
    }
  ],
  "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
  "vulnStatus": "Awaiting Analysis"
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.