CVE-2022-49694
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2022-49694
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-49694.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2022-49694
- Downstream
- Related
- Published
- 2025-02-26T02:24:16.910Z
- Modified
- 2025-11-14T22:59:54.439055Z
- Severity
-
- 7.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- block: disable the elevator int del_gendisk
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
block: disable the elevator int del_gendisk
The elevator is only used for file system requests, which are stopped in delgendisk. Move disabling the elevator and freeing the scheduler tags to the end of delgendisk instead of doing that work in diskrelease and blkcleanupqueue to avoid a use after free on q->tagset from diskrelease as the tagset might not be alive at that point.
Move the blkqosexit call as well, as it just depends on the elevator exit and would be the only reason to keep the not exactly cheap queue freeze in disk_release.
- References
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introducede155b0c238b20f0a866f4334d292656665836c8aFixedf28699fafc047ec33299da01e928c3a0073c5cc6
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introducede155b0c238b20f0a866f4334d292656665836c8aFixed50e34d78815e474d410f342fbe783b18192ca518
Affected versions
v5.*
v5.15
v5.15-rc7
v5.16
v5.16-rc1
v5.16-rc2
v5.16-rc3
v5.16-rc4
v5.16-rc5
v5.16-rc6
v5.16-rc7
v5.16-rc8
v5.17
v5.17-rc1
v5.17-rc2
v5.17-rc3
v5.17-rc4
v5.17-rc5
v5.17-rc6
v5.17-rc7
v5.17-rc8
v5.18
v5.18-rc1
v5.18-rc2
v5.18-rc3
v5.18-rc4
v5.18-rc5
v5.18-rc6
v5.18-rc7
v5.18.1
v5.18.2
v5.18.3
v5.18.4
v5.18.5
v5.18.6
v5.18.7
v5.19-rc1
v5.19-rc2
Database specific
vanir_signatures
[
{
"digest": {
"line_hashes": [
"172431766325802893962873872307912190522",
"140026565393004112356051217876562946337",
"286340177361798674404312399045419509339",
"77075558411290217646498886954582066843",
"336402815666687840407225483059757212287",
"108418402322102808596606138450867222725",
"16037464906036570892518711889170037284"
],
"threshold": 0.9
},
"target": {
"file": "block/blk-core.c"
},
"deprecated": false,
"id": "CVE-2022-49694-10844232",
"signature_version": "v1",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@50e34d78815e474d410f342fbe783b18192ca518",
"signature_type": "Line"
},
{
"digest": {
"length": 501.0,
"function_hash": "313882376650724978298320104741961114731"
},
"target": {
"file": "block/genhd.c",
"function": "disk_release"
},
"deprecated": false,
"id": "CVE-2022-49694-174ea801",
"signature_version": "v1",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@50e34d78815e474d410f342fbe783b18192ca518",
"signature_type": "Function"
},
{
"digest": {
"line_hashes": [
"296117002072983165992577145464107630238",
"307158103843193134040965956559070525244",
"256932330317758886649460756915559482006",
"270824538689803279712314253569325106518",
"16737138116403312349973187156765742106",
"328693322375504566383486732667594750672",
"61915920373105111535111270609399497073",
"49256074631937622945772801651268478751",
"228465953185626937641901382129522541822",
"127369749842517411414670898122179322162",
"280988532311800048727955219154122818923",
"4426917439206528540508448837550167006",
"3698852206160998484840713771398274647",
"228781573566782575110034170449801308210",
"286792451448828009868950064328779248960",
"334151566718803710844867209694185297172",
"79830699853084975392389055830856919525",
"315145467178487525799616942173341387769",
"313445636049788045860805021552551182345",
"242805744288879705125686727717663078998",
"153673587491648808891838951892353623348",
"268185127843596473347885547748477323941",
"81934379024175693742168902927523254663",
"87997514662493221863076392476050118449"
],
"threshold": 0.9
},
"target": {
"file": "block/genhd.c"
},
"deprecated": false,
"id": "CVE-2022-49694-1b7f9216",
"signature_version": "v1",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@f28699fafc047ec33299da01e928c3a0073c5cc6",
"signature_type": "Line"
},
{
"digest": {
"length": 527.0,
"function_hash": "101130331731108368488852334308877907120"
},
"target": {
"file": "block/blk-core.c",
"function": "blk_cleanup_queue"
},
"deprecated": false,
"id": "CVE-2022-49694-1fd061c2",
"signature_version": "v1",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@50e34d78815e474d410f342fbe783b18192ca518",
"signature_type": "Function"
},
{
"digest": {
"length": 1118.0,
"function_hash": "258753272170099238700972337030331003192"
},
"target": {
"file": "block/genhd.c",
"function": "del_gendisk"
},
"deprecated": false,
"id": "CVE-2022-49694-36833d78",
"signature_version": "v1",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@50e34d78815e474d410f342fbe783b18192ca518",
"signature_type": "Function"
},
{
"digest": {
"length": 527.0,
"function_hash": "101130331731108368488852334308877907120"
},
"target": {
"file": "block/blk-core.c",
"function": "blk_cleanup_queue"
},
"deprecated": false,
"id": "CVE-2022-49694-3c0364d0",
"signature_version": "v1",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@f28699fafc047ec33299da01e928c3a0073c5cc6",
"signature_type": "Function"
},
{
"digest": {
"length": 501.0,
"function_hash": "313882376650724978298320104741961114731"
},
"target": {
"file": "block/genhd.c",
"function": "disk_release"
},
"deprecated": false,
"id": "CVE-2022-49694-461b0b16",
"signature_version": "v1",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@f28699fafc047ec33299da01e928c3a0073c5cc6",
"signature_type": "Function"
},
{
"digest": {
"line_hashes": [
"172431766325802893962873872307912190522",
"140026565393004112356051217876562946337",
"286340177361798674404312399045419509339",
"77075558411290217646498886954582066843",
"336402815666687840407225483059757212287",
"108418402322102808596606138450867222725",
"16037464906036570892518711889170037284"
],
"threshold": 0.9
},
"target": {
"file": "block/blk-core.c"
},
"deprecated": false,
"id": "CVE-2022-49694-6f225e83",
"signature_version": "v1",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@f28699fafc047ec33299da01e928c3a0073c5cc6",
"signature_type": "Line"
},
{
"digest": {
"length": 258.0,
"function_hash": "300901616859482096291110303091583928547"
},
"target": {
"file": "block/genhd.c",
"function": "disk_release_mq"
},
"deprecated": false,
"id": "CVE-2022-49694-8935b6a6",
"signature_version": "v1",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@f28699fafc047ec33299da01e928c3a0073c5cc6",
"signature_type": "Function"
},
{
"digest": {
"length": 258.0,
"function_hash": "300901616859482096291110303091583928547"
},
"target": {
"file": "block/genhd.c",
"function": "disk_release_mq"
},
"deprecated": false,
"id": "CVE-2022-49694-e33c4bb1",
"signature_version": "v1",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@50e34d78815e474d410f342fbe783b18192ca518",
"signature_type": "Function"
},
{
"digest": {
"length": 1118.0,
"function_hash": "258753272170099238700972337030331003192"
},
"target": {
"file": "block/genhd.c",
"function": "del_gendisk"
},
"deprecated": false,
"id": "CVE-2022-49694-efca265b",
"signature_version": "v1",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@f28699fafc047ec33299da01e928c3a0073c5cc6",
"signature_type": "Function"
},
{
"digest": {
"line_hashes": [
"296117002072983165992577145464107630238",
"307158103843193134040965956559070525244",
"256932330317758886649460756915559482006",
"270824538689803279712314253569325106518",
"16737138116403312349973187156765742106",
"328693322375504566383486732667594750672",
"61915920373105111535111270609399497073",
"49256074631937622945772801651268478751",
"228465953185626937641901382129522541822",
"127369749842517411414670898122179322162",
"280988532311800048727955219154122818923",
"4426917439206528540508448837550167006",
"3698852206160998484840713771398274647",
"228781573566782575110034170449801308210",
"286792451448828009868950064328779248960",
"334151566718803710844867209694185297172",
"79830699853084975392389055830856919525",
"315145467178487525799616942173341387769",
"313445636049788045860805021552551182345",
"242805744288879705125686727717663078998",
"153673587491648808891838951892353623348",
"268185127843596473347885547748477323941",
"81934379024175693742168902927523254663",
"87997514662493221863076392476050118449"
],
"threshold": 0.9
},
"target": {
"file": "block/genhd.c"
},
"deprecated": false,
"id": "CVE-2022-49694-f4086985",
"signature_version": "v1",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@50e34d78815e474d410f342fbe783b18192ca518",
"signature_type": "Line"
}
]