CVE-2022-49411
bfq: Make sure bfqg for which we are queueing requests is online
Time Line
Published
2024-03-19
Updated
2024-03-19
Firt exploit
2024-03-19
Overview
Descriptions (1)
MITRE
CWE (0)
CAPEC (-)
Risk
CVSS Score
-
SSVC
-
KEV
-
EPSS
Affected Products (-)
Vendors (1)
linux
Products (1)
linux_kernel
Versions (6)
>= 4.12 < 5.4.198, >= 4.12 < 5.10.121, >= 4.12 < 5.15.46, >= 4.12 < 5.17.14, >= 4.12 < 5.18.3, >= 4.12 < 5.19
Intel Resources (-)
Advisories (-)
-
Exploits (-)
-
Plugins (-)
-
References (7)
General (1)
kernel
Exploits & POcs (-)
Patches (6)
kernel
Advisories (-)
Summary
Descriptions
In the Linux kernel, the following vulnerability has been resolved: bfq: Make sure bfqg for which we are queueing requests is online Bios queued into BFQ IO scheduler can be associated with a cgroup that
was already offlined. This may then cause insertion of this bfq_group
into a service tree. But this bfq_group will get freed as soon as last
bio associated with it is completed leading to use after free issues for
service tree users. Fix the problem by making sure we always operate on
online bfq_group. If the bfq_group associated with the bio is not
online, we pick the first online parent.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2025-02-26 CVE Reserved
- 2025-02-26 CVE Published
- 2025-02-26 CVE Updated
- ---------- EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
CAPEC
Threat Intelligence Resources (0)
| Select | Title | Date |
|---|
Security Advisory details:
Select an advisory to view details here.
| Select | Title | Date |
|---|
Select an exploit to view details here.
References (7)
| URL | Tag | Source |
|---|---|---|
| https://git.kernel.org/stable/c/e21b7a0b988772e82e7147e1c659a5afe2ae003c | Vuln. Introduced |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 4.12 < 5.4.198 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.12 < 5.4.198" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 4.12 < 5.10.121 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.12 < 5.10.121" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 4.12 < 5.15.46 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.12 < 5.15.46" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 4.12 < 5.17.14 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.12 < 5.17.14" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 4.12 < 5.18.3 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.12 < 5.18.3" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 4.12 < 5.19 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.12 < 5.19" | en |
Affected
| ||||||