In the Linux kernel, the following vulnerability has been resolved:
bpf: Add schedule points in batch ops
syzbot reported various soft lockups caused by bpf batch operations.
INFO: task kworker/1:1:27 blocked for more than 140 seconds.
INFO: task hung in rcu_barrier
Nothing prevents batch ops to process huge amount of data,
we need to add schedule points in them.
Note that maybe_wait_bpf_programs(map) calls from
generic_map_delete_batch() can be factorized by moving
the call after the loop.
This will be done later in -next tree once we get this fix merged,
unless there is strong opinion doing this optimization sooner.
References
Configurations
Configuration 1 (hide)
|
History
22 Aug 2024, 19:02
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 3.3 |
References | () https://git.kernel.org/stable/c/75134f16e7dd0007aa474b281935c5f42e79f2c8 - Patch | |
References | () https://git.kernel.org/stable/c/7e8099967d0e3ff9d1ae043e80b27fbe46c08417 - Patch | |
References | () https://git.kernel.org/stable/c/7ef94bfb08fb9e73defafbd5ddef6b5a0e2ee12b - Patch | |
References | () https://git.kernel.org/stable/c/8628f489b749a4f9767991631921dbe3fbcdc784 - Patch | |
CPE | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | |
First Time |
Linux linux Kernel
Linux |
|
CWE | CWE-834 |
22 Aug 2024, 12:48
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
22 Aug 2024, 04:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-08-22 04:15
Updated : 2024-08-22 19:02
NVD link : CVE-2022-48939
Mitre link : CVE-2022-48939
CVE.ORG link : CVE-2022-48939
JSON object : View
Products Affected
linux
- linux_kernel
CWE
CWE-834
Excessive Iteration