CVE-2022-48944

Where commit 4ef0c5c6b5ba ("kernel/sched: Fix schedfork() access an invalid schedtask_group") fixed a fork race vs cgroup, it opened up a race vs syscalls by not placing the task on the runqueue before it gets exposed through the pidhash.

Commit 13765de8148f ("sched/fair: Fix fault in reweight_entity") is trying to fix a single instance of this, instead fix the whole class of issues, effectively reverting this commit.

Database specific

{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/48xxx/CVE-2022-48944.json",
    "cna_assigner": "Linux"
}

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

3869eecf050416a1d19bac60926f6b5d64b0aa58

Fixed

3411613611a5cddf7e80908010dc87cb527dd13b

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

4ef0c5c6b5ba1f38f0ea1cedad0cad722f00c14a

Fixed

c65cfd89cef669d90c59f3bf150af6458137a04f

Fixed

b1e8206582f9d680cff7d04828708c8b6ab32957

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

c85c6fadbef0a3eab41540ea628fa8fe8928c820

Last affected

25d40b828fb855ee62e1039c65a666c9afd60786

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-48944.json"