CVE-2022-48846

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2022-48846
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-48846.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2022-48846
Downstream
Related
Published
2024-07-16T12:25:15Z
Modified
2025-10-08T06:37:52.749569Z
Summary
block: release rq qos structures for queue without disk
Details

In the Linux kernel, the following vulnerability has been resolved:

block: release rq qos structures for queue without disk

blkcginitqueue() may add rq qos structures to request queue, previously blkcleanupqueue() calls rqqosexit() to release them, but commit 8e141f9eb803 ("block: drain file system I/O on delgendisk") moves rqqosexit() into delgendisk(), so memory leak is caused because queues may not have disk, such as un-present scsi luns, nvme admin queue, ...

Fixes the issue by adding rqqosexit() to blkcleanupqueue() back.

BTW, v5.18 won't need this patch any more since we move blkcginitqueue()/blkcgexitqueue() into disk allocation/release handler, and patches have been in for-5.18/block.

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
8e141f9eb803e209714a80aa6ec073893f94c526
Fixed
d4ad8736ac982111bb0be8306bf19c8207f6600e
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
8e141f9eb803e209714a80aa6ec073893f94c526
Fixed
60c2c8e2ef3a3ec79de8cbc80a06ca0c21df8c29
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
8e141f9eb803e209714a80aa6ec073893f94c526
Fixed
daaca3522a8e67c46e39ef09c1d542e866f85f3b

Affected versions

v5.*

v5.15
v5.15-rc2
v5.15-rc3
v5.15-rc4
v5.15-rc5
v5.15-rc6
v5.15-rc7
v5.15.1
v5.15.10
v5.15.11
v5.15.12
v5.15.13
v5.15.14
v5.15.15
v5.15.16
v5.15.17
v5.15.18
v5.15.19
v5.15.2
v5.15.20
v5.15.21
v5.15.22
v5.15.23
v5.15.24
v5.15.25
v5.15.26
v5.15.27
v5.15.28
v5.15.29
v5.15.3
v5.15.30
v5.15.4
v5.15.5
v5.15.6
v5.15.7
v5.15.8
v5.15.9
v5.16
v5.16-rc1
v5.16-rc2
v5.16-rc3
v5.16-rc4
v5.16-rc5
v5.16-rc6
v5.16-rc7
v5.16-rc8
v5.16.1
v5.16.10
v5.16.11
v5.16.12
v5.16.13
v5.16.14
v5.16.15
v5.16.16
v5.16.2
v5.16.3
v5.16.4
v5.16.5
v5.16.6
v5.16.7
v5.16.8
v5.16.9
v5.17-rc1

Database specific 

{
    "vanir_signatures": [
        {
            "signature_version": "v1",
            "digest": {
                "length": 569.0,
                "function_hash": "107432175246841569158372271057591090194"
            },
            "id": "CVE-2022-48846-0d2c7a2e",
            "deprecated": false,
            "target": {
                "file": "block/blk-core.c",
                "function": "blk_cleanup_queue"
            },
            "signature_type": "Function",
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@60c2c8e2ef3a3ec79de8cbc80a06ca0c21df8c29"
        },
        {
            "signature_version": "v1",
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "169610268665500395048411235718635433157",
                    "106944787450741439426935382937288189312",
                    "154950779633559416520438082515408500888",
                    "239574291356161640869230270181254844233",
                    "100649618383731441368751400155054467126",
                    "83871975652732001006961703602377812916",
                    "9511140839249228093338640684817464137"
                ]
            },
            "id": "CVE-2022-48846-273f084f",
            "deprecated": false,
            "target": {
                "file": "block/blk-core.c"
            },
            "signature_type": "Line",
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@60c2c8e2ef3a3ec79de8cbc80a06ca0c21df8c29"
        },
        {
            "signature_version": "v1",
            "digest": {
                "length": 569.0,
                "function_hash": "107432175246841569158372271057591090194"
            },
            "id": "CVE-2022-48846-2b5fd4e9",
            "deprecated": false,
            "target": {
                "file": "block/blk-core.c",
                "function": "blk_cleanup_queue"
            },
            "signature_type": "Function",
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@d4ad8736ac982111bb0be8306bf19c8207f6600e"
        },
        {
            "signature_version": "v1",
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "289936853590547145967356073827903011414",
                    "106944787450741439426935382937288189312",
                    "154950779633559416520438082515408500888",
                    "239574291356161640869230270181254844233",
                    "100649618383731441368751400155054467126",
                    "83871975652732001006961703602377812916",
                    "9511140839249228093338640684817464137"
                ]
            },
            "id": "CVE-2022-48846-31e5bf61",
            "deprecated": false,
            "target": {
                "file": "block/blk-core.c"
            },
            "signature_type": "Line",
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@daaca3522a8e67c46e39ef09c1d542e866f85f3b"
        },
        {
            "signature_version": "v1",
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "83915082143718307015851913865040509085",
                    "248018259788741585552745556622357670954",
                    "27922886188618613472470922227666187173",
                    "259546725456802968832047524253529652749",
                    "100649618383731441368751400155054467126",
                    "83871975652732001006961703602377812916",
                    "9511140839249228093338640684817464137"
                ]
            },
            "id": "CVE-2022-48846-5e40126e",
            "deprecated": false,
            "target": {
                "file": "block/blk-core.c"
            },
            "signature_type": "Line",
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@d4ad8736ac982111bb0be8306bf19c8207f6600e"
        },
        {
            "signature_version": "v1",
            "digest": {
                "length": 569.0,
                "function_hash": "107432175246841569158372271057591090194"
            },
            "id": "CVE-2022-48846-e9e1cf07",
            "deprecated": false,
            "target": {
                "file": "block/blk-core.c",
                "function": "blk_cleanup_queue"
            },
            "signature_type": "Function",
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@daaca3522a8e67c46e39ef09c1d542e866f85f3b"
        }
    ]
}

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
5.15.0
Fixed
5.15.31
Type
ECOSYSTEM
Events
Introduced
5.16.0
Fixed
5.16.17