ghsa-x74c-mr6j-xgx9
Vulnerability from github
In the Linux kernel, the following vulnerability has been resolved:
block: Fix potential deadlock in blk_ia_range_sysfs_show()
When being read, a sysfs attribute is already protected against removal with the kobject node active reference counter. As a result, in blk_ia_range_sysfs_show(), there is no need to take the queue sysfs lock when reading the value of a range attribute. Using the queue sysfs lock in this function creates a potential deadlock situation with the disk removal, something that a lockdep signals with a splat when the device is removed:
[ 760.703551] Possible unsafe locking scenario: [ 760.703551] [ 760.703554] CPU0 CPU1 [ 760.703556] ---- ---- [ 760.703558] lock(&q->sysfs_lock); [ 760.703565] lock(kn->active#385); [ 760.703573] lock(&q->sysfs_lock); [ 760.703579] lock(kn->active#385); [ 760.703587] [ 760.703587] *** DEADLOCK ***
Solve this by removing the mutex_lock()/mutex_unlock() calls from blk_ia_range_sysfs_show().
{
"affected": [],
"aliases": [
"CVE-2022-49406"
],
"database_specific": {
"cwe_ids": [
"CWE-667"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-02-26T07:01:17Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock: Fix potential deadlock in blk_ia_range_sysfs_show()\n\nWhen being read, a sysfs attribute is already protected against removal\nwith the kobject node active reference counter. As a result, in\nblk_ia_range_sysfs_show(), there is no need to take the queue sysfs\nlock when reading the value of a range attribute. Using the queue sysfs\nlock in this function creates a potential deadlock situation with the\ndisk removal, something that a lockdep signals with a splat when the\ndevice is removed:\n\n[ 760.703551] Possible unsafe locking scenario:\n[ 760.703551]\n[ 760.703554] CPU0 CPU1\n[ 760.703556] ---- ----\n[ 760.703558] lock(\u0026q-\u003esysfs_lock);\n[ 760.703565] lock(kn-\u003eactive#385);\n[ 760.703573] lock(\u0026q-\u003esysfs_lock);\n[ 760.703579] lock(kn-\u003eactive#385);\n[ 760.703587]\n[ 760.703587] *** DEADLOCK ***\n\nSolve this by removing the mutex_lock()/mutex_unlock() calls from\nblk_ia_range_sysfs_show().",
"id": "GHSA-x74c-mr6j-xgx9",
"modified": "2025-04-17T21:30:44Z",
"published": "2025-04-17T21:30:44Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-49406"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/41e46b3c2aa24f755b2ae9ec4ce931ba5f0d8532"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/717b078bc745ba9a262abebed9806a17e8bbb77b"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/dc107c805cde709866b59867ef72b9390199205e"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.