CVE-2022-49118

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2022-49118
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-49118.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2022-49118
Downstream
Related
Published
2025-02-26T01:55:00.169Z
Modified
2026-03-12T03:24:37.459995Z
Summary
scsi: hisi_sas: Free irq vectors in order for v3 HW
Details

In the Linux kernel, the following vulnerability has been resolved:

scsi: hisi_sas: Free irq vectors in order for v3 HW

If the driver probe fails to request the channel IRQ or fatal IRQ, the driver will free the IRQ vectors before freeing the IRQs in free_irq(), and this will cause a kernel BUG like this:

------------[ cut here ]------------ kernel BUG at drivers/pci/msi.c:369! Internal error: Oops - BUG: 0 [#1] PREEMPT SMP Call trace: freemsiirqs+0x118/0x13c pcidisablemsi+0xfc/0x120 pcifreeirqvectors+0x24/0x3c hisisasv3probe+0x360/0x9d0 [hisisasv3hw] localpciprobe+0x44/0xb0 workforcpufn+0x20/0x34 processonework+0x1d0/0x340 workerthread+0x2e0/0x460 kthread+0x180/0x190 retfrom_fork+0x10/0x20 ---[ end trace b88990335b610c11 ]---

So we use devmaddaction() to control the order in which we free the vectors.

Database specific 
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/49xxx/CVE-2022-49118.json",
    "cna_assigner": "Linux"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
47caad1577cd7a39e2048c5e4edbce4b863dc12b
Fixed
224903cc60d045576393c3b16907742f23e6c740
Fixed
f05a0d8de2ea49af36821a20b0b501e20ced937e
Fixed
8b6eab9d683bae7f88dc894b8c851f866032301c
Fixed
b4cc04fa8f1fc3816c8494d77abab3f72b9d2292
Fixed
554fb72ee34f4732c7f694f56c3c6e67790352a0

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-49118.json"