CVE-2022-48944

sched: Fix yet more sched_fork() races

Severity Score

5.5

*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

Track

*SSVC

Descriptions

In the Linux kernel, the following vulnerability has been resolved: sched: Fix yet more sched_fork() races Where commit 4ef0c5c6b5ba ("kernel/sched: Fix sched_fork() access an
invalid sched_task_group") fixed a fork race vs cgroup, it opened up a
race vs syscalls by not placing the task on the runqueue before it
gets exposed through the pidhash. Commit 13765de8148f ("sched/fair: Fix fault in reweight_entity") is
trying to fix a single instance of this, instead fix the whole class
of issues, effectively reverting this commit.

In the Linux kernel, the following vulnerability has been resolved: sched: Fix yet more sched_fork() races Where commit 4ef0c5c6b5ba ("kernel/sched: Fix sched_fork() access an invalid sched_task_group") fixed a fork race vs cgroup, it opened up a race vs syscalls by not placing the task on the runqueue before it gets exposed through the pidhash. Commit 13765de8148f ("sched/fair: Fix fault in reweight_entity") is trying to fix a single instance of this, instead fix the whole class of issues, effectively reverting this commit.

The SUSE Linux Enterprise 15 SP5 Azure kernel was updated to receive various security bug fixes.

*Credits: N/A

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

Attack Vector

Local

Attack Complexity

Low

Authentication

Single

Confidentiality

None

Integrity

None

Availability

Complete

* Common Vulnerability Scoring System

SSVC

Decision:Track

Exploitation

None

Automatable

Tech. Impact

Partial

* Organization's Worst-case Scenario

Timeline

2024-08-22 CVE Reserved
2024-08-30 CVE Published
2025-05-04 CVE Updated
2025-06-26 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CAPEC

References (7)

URL	Tag	Source
https://git.kernel.org/stable/c/3869eecf050416a1d19bac60926f6b5d64b0aa58	Vuln. Introduced
https://git.kernel.org/stable/c/4ef0c5c6b5ba1f38f0ea1cedad0cad722f00c14a	Vuln. Introduced
https://git.kernel.org/stable/c/c85c6fadbef0a3eab41540ea628fa8fe8928c820	Vuln. Introduced
https://git.kernel.org/stable/c/25d40b828fb855ee62e1039c65a666c9afd60786	Vuln. Introduced

URL	Date	SRC

URL	Date	SRC
https://git.kernel.org/stable/c/3411613611a5cddf7e80908010dc87cb527dd13b	2022-03-08
https://git.kernel.org/stable/c/c65cfd89cef669d90c59f3bf150af6458137a04f	2022-03-08
https://git.kernel.org/stable/c/b1e8206582f9d680cff7d04828708c8b6ab32957	2022-02-19

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.15.3 < 5.15.27 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.15.3 < 5.15.27"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.16 < 5.16.13 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.16 < 5.16.13"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.16 < 5.17 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.16 < 5.17"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				5.10.80 Search vendor "Linux" for product "Linux Kernel" and version "5.10.80"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				5.14.19 Search vendor "Linux" for product "Linux Kernel" and version "5.14.19"		en		Affected