In the Linux kernel, the following vulnerability has been resolved:
configfs: fix a race in configfs_{,un}register_subsystem()
When configfs_register_subsystem() or configfs_unregister_subsystem()
is executing link_group() or unlink_group(),
it is possible that two processes add or delete list concurrently.
Some unfortunate interleavings of them can cause kernel panic.
One of cases is:
A --> B --> C --> D
A <-- B <-- C <-- D
delete list_head *B | delete list_head *C
--------------------------------|-----------------------------------
configfs_unregister_subsystem | configfs_unregister_subsystem
unlink_group | unlink_group
unlink_obj | unlink_obj
list_del_init | list_del_init
__list_del_entry | __list_del_entry
__list_del | __list_del
// next == C |
next->prev = prev |
| next->prev = prev
prev->next = next |
| // prev == B
| prev->next = next
Fix this by adding mutex when calling link_group() or unlink_group(),
but parent configfs_subsystem is NULL when config_item is root.
So I create a mutex configfs_subsystem_mutex.
References
Configurations
Configuration 1 (hide)
|
History
23 Aug 2024, 01:54
Type | Values Removed | Values Added |
---|---|---|
References | () https://git.kernel.org/stable/c/3aadfd46858b1f64d4d6a0654b863e21aabff975 - Patch | |
References | () https://git.kernel.org/stable/c/40805099af11f68c5ca7dbcfacf455da8f99f622 - Patch | |
References | () https://git.kernel.org/stable/c/84ec758fb2daa236026506868c8796b0500c047d - Patch | |
References | () https://git.kernel.org/stable/c/a37024f7757c25550accdebf49e497ad6ae239fe - Patch | |
References | () https://git.kernel.org/stable/c/a7ab53d3c27dfe83bb594456b9f38a37796ec39b - Patch | |
References | () https://git.kernel.org/stable/c/b7e2b91fcb5c78c414e33dc8d50642e307ca0c5a - Patch | |
References | () https://git.kernel.org/stable/c/d1654de19d42f513b6cfe955cc77e7f427e05a77 - Patch | |
References | () https://git.kernel.org/stable/c/e7a66dd2687758718eddd79b542a95cf3aa488cc - Patch | |
First Time |
Linux linux Kernel
Linux |
|
CWE | CWE-362 | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 4.7 |
CPE | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
22 Aug 2024, 12:48
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
22 Aug 2024, 04:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-08-22 04:15
Updated : 2024-08-23 01:54
NVD link : CVE-2022-48931
Mitre link : CVE-2022-48931
CVE.ORG link : CVE-2022-48931
JSON object : View
Products Affected
linux
- linux_kernel
CWE
CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')