CVE-2022-49765
- Source
- https://cve.org/CVERecord?id=CVE-2022-49765
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-49765.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2022-49765
- Downstream
- Published
- 2025-05-01T14:09:04.896Z
- Modified
- 2026-03-20T11:47:13.213963Z
- Summary
- net/9p: use a dedicated spinlock for trans_fd
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
net/9p: use a dedicated spinlock for trans_fd
Shamelessly copying the explanation from Tetsuo Handa's suggested patch[1] (slightly reworded): syzbot is reporting inconsistent lock state in p9reqput()[2], for p9tagremove() from p9reqput() from IRQ context is using spinlockirqsave() on "struct p9client"->lock but transfd (not from IRQ context) is using spin_lock().
Since the locks actually protect different things in client.c and in transfd.c, just replace transfd.c's lock by a new one specific to the transport (client.c's protect the idr for fid/tag allocations, while trans_fd.c's protects its own req list and request status field that acts as the transport's state machine)
- Database specific
{ "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/49xxx/CVE-2022-49765.json", "cna_assigner": "Linux" }- References
-
- https://git.kernel.org/stable/c/296ab4a813841ba1d5f40b03190fd1bd8f25aab0
- https://git.kernel.org/stable/c/43bbadb7e4636dc02f6a283c2a39e6438e6173cd
- https://git.kernel.org/stable/c/717b9b4f38703d7f5293059e3a242d16f76fa045
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/49xxx/CVE-2022-49765.json
- https://nvd.nist.gov/vuln/detail/CVE-2022-49765
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git