CVE-2022-48931
- Source
- https://cve.org/CVERecord?id=CVE-2022-48931
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-48931.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2022-48931
- Downstream
- Related
- Published
- 2024-08-22T03:31:24.823Z
- Modified
- 2026-03-20T12:22:01.495295Z
- Summary
- configfs: fix a race in configfs_{,un}register_subsystem()
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
configfs: fix a race in configfs_{,un}register_subsystem()
When configfsregistersubsystem() or configfsunregistersubsystem() is executing linkgroup() or unlinkgroup(), it is possible that two processes add or delete list concurrently. Some unfortunate interleavings of them can cause kernel panic.
One of cases is: A --> B --> C --> D A <-- B <-- C <-- D
delete list_head *B | delete list_head *C--------------------------------|----------------------------------- configfsunregistersubsystem | configfsunregistersubsystem unlinkgroup | unlinkgroup unlinkobj | unlinkobj listdelinit | listdelinit __listdelentry | __listdelentry __list_del | _listdel // next == C | next->prev = prev | | next->prev = prev prev->next = next | | // prev == B | prev->next = next
Fix this by adding mutex when calling linkgroup() or unlinkgroup(), but parent configfssubsystem is NULL when configitem is root. So I create a mutex configfssubsystemmutex.
- Database specific
{ "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/48xxx/CVE-2022-48931.json", "cna_assigner": "Linux" }- References
-
- https://git.kernel.org/stable/c/3aadfd46858b1f64d4d6a0654b863e21aabff975
- https://git.kernel.org/stable/c/40805099af11f68c5ca7dbcfacf455da8f99f622
- https://git.kernel.org/stable/c/84ec758fb2daa236026506868c8796b0500c047d
- https://git.kernel.org/stable/c/a37024f7757c25550accdebf49e497ad6ae239fe
- https://git.kernel.org/stable/c/a7ab53d3c27dfe83bb594456b9f38a37796ec39b
- https://git.kernel.org/stable/c/b7e2b91fcb5c78c414e33dc8d50642e307ca0c5a
- https://git.kernel.org/stable/c/d1654de19d42f513b6cfe955cc77e7f427e05a77
- https://git.kernel.org/stable/c/e7a66dd2687758718eddd79b542a95cf3aa488cc
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/48xxx/CVE-2022-48931.json
- https://nvd.nist.gov/vuln/detail/CVE-2022-48931
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced7063fbf2261194f72ee75afca67b3b38b554b5faFixed40805099af11f68c5ca7dbcfacf455da8f99f622Fixedd1654de19d42f513b6cfe955cc77e7f427e05a77Fixeda37024f7757c25550accdebf49e497ad6ae239feFixedb7e2b91fcb5c78c414e33dc8d50642e307ca0c5aFixeda7ab53d3c27dfe83bb594456b9f38a37796ec39bFixede7a66dd2687758718eddd79b542a95cf3aa488ccFixed3aadfd46858b1f64d4d6a0654b863e21aabff975Fixed84ec758fb2daa236026506868c8796b0500c047d