CVE-2022-48799
perf: Fix list corruption in perf_cgroup_switch()
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
In the Linux kernel, the following vulnerability has been resolved: perf: Fix list corruption in perf_cgroup_switch() There's list corruption on cgrp_cpuctx_list. This happens on the
following path: perf_cgroup_switch: list_for_each_entry(cgrp_cpuctx_list) cpu_ctx_sched_in ctx_sched_in ctx_pinned_sched_in merge_sched_in perf_cgroup_event_disable: remove the event from the list Use list_for_each_entry_safe() to allow removing an entry during
iteration.
In the Linux kernel, the following vulnerability has been resolved: perf: Fix list corruption in perf_cgroup_switch() There's list corruption on cgrp_cpuctx_list. This happens on the following path: perf_cgroup_switch: list_for_each_entry(cgrp_cpuctx_list) cpu_ctx_sched_in ctx_sched_in ctx_pinned_sched_in merge_sched_in perf_cgroup_event_disable: remove the event from the list Use list_for_each_entry_safe() to allow removing an entry during iteration.
An update for kernel-rt is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions. Issues addressed include a denial of service vulnerability.
CVSS Scores
SSVC
- Decision:Track
Timeline
- 2024-07-16 CVE Reserved
- 2024-07-16 CVE Published
- 2024-12-19 CVE Updated
- 2025-03-21 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-99: Improper Control of Resource Identifiers ('Resource Injection')
CAPEC
References (10)
| URL | Tag | Source |
|---|---|---|
| https://git.kernel.org/stable/c/058fe1c0440e68a1ba3c2270ae43e9f0298b27d8 | Vuln. Introduced |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://access.redhat.com/security/cve/CVE-2022-48799 | 2024-09-24 | |
| https://bugzilla.redhat.com/show_bug.cgi?id=2298135 | 2024-09-24 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 4.11 < 4.14.267 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.11 < 4.14.267" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 4.11 < 4.19.230 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.11 < 4.19.230" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 4.11 < 5.4.180 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.11 < 5.4.180" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 4.11 < 5.10.101 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.11 < 5.10.101" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 4.11 < 5.15.24 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.11 < 5.15.24" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 4.11 < 5.16.10 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.11 < 5.16.10" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 4.11 < 5.17 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.11 < 5.17" | en |
Affected
| ||||||