fkie_cve-2022-49995
Vulnerability from fkie_nvd
Published
2025-06-18 11:15
Modified
2025-06-18 13:46
Severity ?
Summary
In the Linux kernel, the following vulnerability has been resolved:
writeback: avoid use-after-free after removing device
When a disk is removed, bdi_unregister gets called to stop further
writeback and wait for associated delayed work to complete. However,
wb_inode_writeback_end() may schedule bandwidth estimation dwork after
this has completed, which can result in the timer attempting to access the
just freed bdi_writeback.
Fix this by checking if the bdi_writeback is alive, similar to when
scheduling writeback work.
Since this requires wb->work_lock, and wb_inode_writeback_end() may get
called from interrupt, switch wb->work_lock to an irqsafe lock.
References
Impacted products
| Vendor | Product | Version |
|---|
{
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nwriteback: avoid use-after-free after removing device\n\nWhen a disk is removed, bdi_unregister gets called to stop further\nwriteback and wait for associated delayed work to complete. However,\nwb_inode_writeback_end() may schedule bandwidth estimation dwork after\nthis has completed, which can result in the timer attempting to access the\njust freed bdi_writeback.\n\nFix this by checking if the bdi_writeback is alive, similar to when\nscheduling writeback work.\n\nSince this requires wb-\u003ework_lock, and wb_inode_writeback_end() may get\ncalled from interrupt, switch wb-\u003ework_lock to an irqsafe lock."
},
{
"lang": "es",
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: writeback: evitar el Use-After-Free tras retirar un dispositivo. Al retirar un disco, se llama a bdi_unregister para detener la escritura diferida y esperar a que se complete el trabajo retrasado asociado. Sin embargo, wb_inode_writeback_end() puede programar la estimaci\u00f3n de ancho de banda dwork despu\u00e9s de que esto se haya completado, lo que puede provocar que el temporizador intente acceder al bdi_writeback reci\u00e9n liberado. Para solucionar esto, verifique si bdi_writeback est\u00e1 activo, de forma similar a cuando se programa la escritura diferida. Dado que esto requiere wb-\u0026gt;work_lock y wb_inode_writeback_end() puede ser llamado desde una interrupci\u00f3n, cambie wb-\u0026gt;work_lock a un bloqueo irqsafe."
}
],
"id": "CVE-2022-49995",
"lastModified": "2025-06-18T13:46:52.973",
"metrics": {},
"published": "2025-06-18T11:15:27.227",
"references": [
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"url": "https://git.kernel.org/stable/c/9a6c710f3bc10bc9cc23e1c080b53245b7f9d5b7"
},
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"url": "https://git.kernel.org/stable/c/f87904c075515f3e1d8f4a7115869d3b914674fd"
},
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"url": "https://git.kernel.org/stable/c/f96b9f7c1676923bce871e728bb49c0dfa5013cc"
}
],
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"vulnStatus": "Awaiting Analysis"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…