CVE-2022-49434
- Source
- https://cve.org/CVERecord?id=CVE-2022-49434
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-49434.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2022-49434
- Downstream
- Related
- Published
- 2025-02-26T02:12:51.068Z
- Modified
- 2026-03-12T03:25:09.561063Z
- Summary
- PCI: Avoid pci_dev_lock() AB/BA deadlock with sriov_numvfs_store()
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
PCI: Avoid pcidevlock() AB/BA deadlock with sriovnumvfsstore()
The sysfs sriovnumvfsstore() path acquires the device lock before the config space access lock:
sriovnumvfsstore devicelock # A (1) acquire device lock sriovconfigure vfiopcisriovconfigure # (for example) vfiopcicoresriovconfigure pcidisablesriov sriovdisable pcicfgaccesslock pciwaitcfg # B (4) wait for dev->blockcfg_access == 0
Previously, pcidevlock() acquired the config space access lock before the device lock:
pcidevlock pcicfgaccesslock dev->blockcfgaccess = 1 # B (2) set dev->blockcfgaccess = 1 devicelock # A (3) wait for device lock
Any path that uses pcidevlock(), e.g., pciresetfunction(), may deadlock with sriovnumvfsstore() if the operations occur in the sequence (1) (2) (3) (4).
Avoid the deadlock by reversing the order in pcidevlock() so it acquires the device lock before the config space access lock, the same as the sriovnumvfsstore() path.
[bhelgaas: combined and adapted commit log from Jay Zhou's independent subsequent posting: https://lore.kernel.org/r/20220404062539.1710-1-jianjay.zhou@huawei.com]
- Database specific
{ "cna_assigner": "Linux", "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/49xxx/CVE-2022-49434.json" }- References
-
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- https://git.kernel.org/stable/c/2cdd5284035322795b0964f899eefba254cfe483
- https://git.kernel.org/stable/c/59ea6b3ae51df7cd6bfd84c9c0030609b9315622
- https://git.kernel.org/stable/c/a91ee0e9fca9d7501286cfbced9b30a33e52740a
- https://git.kernel.org/stable/c/aed6d4d519210c28817948f34c53b6e058e0456c
- https://git.kernel.org/stable/c/c3c6dc1853b8bf3c718f96fd8480a6eb09ba4831
- https://git.kernel.org/stable/c/c9a81f9ed6ae3554621d6a50220b1bc74b67d81e
- https://git.kernel.org/stable/c/ea047f51172aa68841adef7f52d375002438b8f0
- https://git.kernel.org/stable/c/eff3587b9c01439b738298475e555c028ac9f55e
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/49xxx/CVE-2022-49434.json
- https://nvd.nist.gov/vuln/detail/CVE-2022-49434
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced17530e71e0166a37f8e20a9b7bcf1d50ae3cff8eFixedc3c6dc1853b8bf3c718f96fd8480a6eb09ba4831Fixedaed6d4d519210c28817948f34c53b6e058e0456cFixedc9a81f9ed6ae3554621d6a50220b1bc74b67d81eFixedeff3587b9c01439b738298475e555c028ac9f55eFixed2cdd5284035322795b0964f899eefba254cfe483Fixedea047f51172aa68841adef7f52d375002438b8f0Fixed59ea6b3ae51df7cd6bfd84c9c0030609b9315622Fixeda91ee0e9fca9d7501286cfbced9b30a33e52740a