In the Linux kernel, the following vulnerability has been resolved:
nvdimm: Fix firmware activation deadlock scenarios
Lockdep reports the following deadlock scenarios for CXL root device power-management, device_prepare(), operations, and device_shutdown() operations for 'nd_region' devices:

 Chain exists of:
   &nvdimm_region_key --> &nvdimm_bus->reconfig_mutex --> system_transition_mutex

  Possible unsafe locking scenario:

        CPU0                    CPU1
        ----                    ----
   lock(system_transition_mutex);
                                lock(&nvdimm_bus->reconfig_mutex);
                                lock(system_transition_mutex);
   lock(&nvdimm_region_key);

 Chain exists of:
   &cxl_nvdimm_bridge_key --> acpi_scan_lock --> &cxl_root_key

  Possible unsafe locking scenario:

        CPU0                    CPU1
        ----                    ----
   lock(&cxl_root_key);
                                lock(acpi_scan_lock);
                                lock(&cxl_root_key);
   lock(&cxl_nvdimm_bridge_key);

These stem from holding nvdimm_bus_lock() over hibernate_quiet_exec() which walks the entire system device topology taking device_lock() along the way. The nvdimm_bus_lock() is protecting against unregistration, multiple simultaneous ops callers, and preventing activate_show() from racing activate_store(). For the first 2, the lock is redundant. Unregistration already flushes all ops users, and sysfs already prevents multiple threads to be active in an ops handler at the same time. For the last, userspace should already be waiting for its last activate_store() to complete, and does not need activate_show() to flush the write side, so this lock usage can be deleted in these attributes.
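The lock-order inversion the report describes, as an added example that is not part of the kernel commit or the kernel's lockdep implementation: a minimal lockdep-style checker that records "held while acquiring" edges between lock classes and flags the acquisition that closes a cycle. The three lock classes are named after the first report; the two call paths (suspend/shutdown taking system_transition_mutex then device_lock() on the nd_region, versus activate_store() holding nvdimm_bus_lock() across hibernate_quiet_exec()) are a simplified model of the text and are assumptions, not a trace of the real call graph. The `bus_lock_held_over_hibernate` parameter switches between the pre-fix and post-fix ordering.

```c
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

/* Lock classes modelled on the names in the lockdep report above (assumption). */
enum lock_class {
	RECONFIG_MUTEX,   /* &nvdimm_bus->reconfig_mutex, taken by nvdimm_bus_lock() */
	TRANSITION_MUTEX, /* system_transition_mutex, taken under hibernate_quiet_exec() */
	REGION_KEY,       /* &nvdimm_region_key, the device_lock() class of an nd_region */
	NR_LOCK_CLASSES
};

static const char *const lock_name[NR_LOCK_CLASSES] = {
	"&nvdimm_bus->reconfig_mutex",
	"system_transition_mutex",
	"&nvdimm_region_key",
};

/* before[a][b] is set once class a has been seen held while class b was acquired. */
struct lock_graph {
	bool before[NR_LOCK_CLASSES][NR_LOCK_CLASSES];
};

/* Depth-first search over recorded edges: is `to` reachable from `from`? */
static bool reaches(const struct lock_graph *g, int from, int to,
		    bool visited[NR_LOCK_CLASSES])
{
	if (from == to)
		return true;
	visited[from] = true;
	for (int next = 0; next < NR_LOCK_CLASSES; next++)
		if (g->before[from][next] && !visited[next] &&
		    reaches(g, next, to, visited))
			return true;
	return false;
}

/*
 * Record that `new_lock` was acquired while `held` was held. Returns false
 * when the new edge closes a cycle, i.e. the order inverts one already seen:
 * that is lockdep's "possible unsafe locking scenario".
 */
bool lock_graph_acquire(struct lock_graph *g, int held, int new_lock)
{
	bool visited[NR_LOCK_CLASSES] = { false };

	if (reaches(g, new_lock, held, visited)) {
		printf("possible unsafe locking scenario: %s held while taking %s,\n"
		       "but %s is already ordered before %s\n",
		       lock_name[held], lock_name[new_lock],
		       lock_name[new_lock], lock_name[held]);
		return false;
	}
	g->before[held][new_lock] = true;
	return true;
}

/* Replay a nesting path: path[i] is held while path[i + 1] is acquired. */
bool lock_graph_replay(struct lock_graph *g, const int *path, int len)
{
	for (int i = 0; i + 1 < len; i++)
		if (!lock_graph_acquire(g, path[i], path[i + 1]))
			return false;
	return true;
}

/*
 * Simplified model (assumption) of the two paths behind the first report.
 * suspend_path: system_transition_mutex, then device_lock() on the region,
 * whose callback takes nvdimm_bus_lock(). old_activate: activate_store()
 * before the fix, holding nvdimm_bus_lock() across hibernate_quiet_exec(),
 * which takes system_transition_mutex and then device_lock() on each device.
 * new_activate: the same path with the bus lock no longer held.
 * Returns true if the checker finds an inversion.
 */
bool firmware_activate_deadlocks(bool bus_lock_held_over_hibernate)
{
	struct lock_graph g;
	const int suspend_path[] = { TRANSITION_MUTEX, REGION_KEY, RECONFIG_MUTEX };
	const int old_activate[] = { RECONFIG_MUTEX, TRANSITION_MUTEX, REGION_KEY };
	const int new_activate[] = { TRANSITION_MUTEX, REGION_KEY };

	memset(&g, 0, sizeof(g));
	if (!lock_graph_replay(&g, suspend_path, 3))
		return true;
	if (bus_lock_held_over_hibernate)
		return !lock_graph_replay(&g, old_activate, 3);
	return !lock_graph_replay(&g, new_activate, 2);
}
```

With the pre-fix ordering the replay reports the inversion at the moment activate_store() takes system_transition_mutex under the bus lock; with the bus lock dropped, the remaining path only repeats an order the suspend side already established, so no cycle exists, which is the property the commit relies on.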