AZL-58971

See a problem?

Import Source

https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-58971.json

JSON Data

https://api.test.osv.dev/v1/vulns/AZL-58971

Upstream

CVE-2022-49651

Published

2025-02-26T07:01:40Z

Modified

2026-04-01T05:19:23.787457Z

Summary

CVE-2022-49651 affecting package kernel 5.15.200.1-1

Details

In the Linux kernel, the following vulnerability has been resolved:

srcu: Tighten cleanupsrcustruct() GP checks

Currently, cleanupsrcustruct() checks for a grace period in progress, but it does not check for a grace period that has not yet started but which might start at any time. Such a situation could result in a use-after-free bug, so this commit adds a check for a grace period that is needed but not yet started to cleanupsrcustruct().

References

https://nvd.nist.gov/vuln/detail/CVE-2022-49651

Affected packages

Azure Linux:2 / kernel

Package

Name: kernel
Purl: pkg:rpm/azure-linux/kernel

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Last affected

5.15.200.1-1

Database specific

source

"https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-58971.json"