CVE-2022-49377

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2022-49377

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-49377.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2022-49377

Downstream

DEBIAN-CVE-2022-49377

OESA-2025-2081

OESA-2025-2082

RHSA-2025:10174

RHSA-2025:10193

SUSE-SU-2025:1027-1

SUSE-SU-2025:1176-1

SUSE-SU-2025:1183-1

SUSE-SU-2025:1241-1

UBUNTU-CVE-2022-49377

Related

Published

2025-02-26T02:11:16Z

Modified

2025-10-15T21:15:06.205587Z

Severity

7.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

blk-mq: don't touch ->tagset in blk_mq_get_sq_hctx

Details

In the Linux kernel, the following vulnerability has been resolved:

blk-mq: don't touch ->tagset in blkmqgetsqhctx

blkmqrunhwqueues() could be run when there isn't queued request and after queue is cleaned up, at that time tagset is freed, because tagset lifetime is covered by driver, and often freed after blkcleanupqueue() returns.

So don't touch ->tagset for figuring out current default hctx by the mapping built in request queue, so use-after-free on tagset can be avoided. Meantime this way should be fast than retrieving mapping from tagset.

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

b6e68ee82585f2ee890b0a897a6aacbf49a467bb

Fixed

460aa288c5cd0544dcf933a2f0ad0e8c6d2d35ff

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

b6e68ee82585f2ee890b0a897a6aacbf49a467bb

Fixed

b140bac470b4f707cda59c7266214246238661df

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

b6e68ee82585f2ee890b0a897a6aacbf49a467bb

Fixed

70fdd922c7bf8949f8df109cf2635dff64c90392

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

b6e68ee82585f2ee890b0a897a6aacbf49a467bb

Fixed

5d05426e2d5fd7df8afc866b78c36b37b00188b7

Affected versions

v5.*

v5.11

v5.11-rc6

v5.11-rc7

v5.12

v5.12-rc1

v5.12-rc1-dontuse

v5.12-rc2

v5.12-rc3

v5.12-rc4

v5.12-rc5

v5.12-rc6

v5.12-rc7

v5.12-rc8

v5.13

v5.13-rc1

v5.13-rc2

v5.13-rc3

v5.13-rc4

v5.13-rc5

v5.13-rc6

v5.13-rc7

v5.14

v5.14-rc1

v5.14-rc2

v5.14-rc3

v5.14-rc4

v5.14-rc5

v5.14-rc6

v5.14-rc7

v5.15

v5.15-rc1

v5.15-rc2

v5.15-rc3

v5.15-rc4

v5.15-rc5

v5.15-rc6

v5.15-rc7

v5.15.1

v5.15.10

v5.15.11

v5.15.12

v5.15.13

v5.15.14

v5.15.15

v5.15.16

v5.15.17

v5.15.18

v5.15.19

v5.15.2

v5.15.20

v5.15.21

v5.15.22

v5.15.23

v5.15.24

v5.15.25

v5.15.26

v5.15.27

v5.15.28

v5.15.29

v5.15.3

v5.15.30

v5.15.31

v5.15.32

v5.15.33

v5.15.34

v5.15.35

v5.15.36

v5.15.37

v5.15.38

v5.15.39

v5.15.4

v5.15.40

v5.15.41

v5.15.42

v5.15.43

v5.15.44

v5.15.45

v5.15.46

v5.15.5

v5.15.6

v5.15.7

v5.15.8

v5.15.9

v5.16

v5.16-rc1

v5.16-rc2

v5.16-rc3

v5.16-rc4

v5.16-rc5

v5.16-rc6

v5.16-rc7

v5.16-rc8

v5.17

v5.17-rc1

v5.17-rc2

v5.17-rc3

v5.17-rc4

v5.17-rc5

v5.17-rc6

v5.17-rc7

v5.17-rc8

v5.17.1

v5.17.10

v5.17.11

v5.17.12

v5.17.13

v5.17.14

v5.17.2

v5.17.3

v5.17.4

v5.17.5

v5.17.6

v5.17.7

v5.17.8

v5.17.9

v5.18

v5.18-rc1

v5.18-rc2

v5.18-rc3

v5.18-rc4

v5.18-rc5

v5.18-rc6

v5.18-rc7

v5.18.1

v5.18.2

v5.18.3

Linux / Kernel

Package

Name: Kernel

Affected ranges

Type: ECOSYSTEM
Events: Introduced

5.12.0

Fixed

5.15.47

Type: ECOSYSTEM
Events: Introduced

5.16.0

Fixed

5.17.15

Type: ECOSYSTEM
Events: Introduced

5.18.0

Fixed

5.18.4