CVE-2022-49925

KASAN: null-ptr-deref in range [0x0000000000000118-0x000000000000011f] CPU: 1 PID: 379 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996) RIP: 0010:destroyworkqueue+0x2f/0x740 RSP: 0018:ffff888016137df8 EFLAGS: 00000202 ... Call Trace: ibcorecleanup+0xa/0xa1 [ibcore] _dosysdeletemodule.constprop.0+0x34f/0x5b0 dosyscall64+0x3a/0x90 entrySYSCALL64afterhwframe+0x63/0xcd RIP: 0033:0x7fa1a0d221b7 ...

It is because the fail of rocegidmgmt_init() is ignored:

ibcoreinit() rocegidmgmtinit() gidcachewq = allocorderedworkqueue # fail ... ibcorecleanup() rocegidmgmtcleanup() destroyworkqueue(gidcache_wq) # destroy an unallocated wq

Fix this by catching the fail of rocegidmgmtinit() in ibcore_init().

Database specific

{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/49xxx/CVE-2022-49925.json",
    "cna_assigner": "Linux"
}

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

03db3a2d81e6e84f3ed3cb9e087cae17d762642b

Fixed

af8fb5a0600e9ae29950e9422a032c3c22649ee5

Fixed

d360e875c011a005628525bf290322058927e7dc

Fixed

6b3d5dcb12347f3518308c2c9d2cf72453a3e1e5

Fixed

ab817f75e5e0fa58d9be0825da6a7b7d8a1fa1d9

Fixed

07c0d131cc0fe1f3981a42958fc52d573d303d89

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-49925.json"

Linux / Kernel

Package

Name: Kernel

Affected ranges

Type: ECOSYSTEM
Events: Introduced

4.3.0

Fixed

5.4.224

Type: ECOSYSTEM
Events: Introduced

5.5.0

Fixed

5.10.154

Type: ECOSYSTEM
Events: Introduced

5.11.0

Fixed

5.15.78

Type: ECOSYSTEM
Events: Introduced

5.16.0

Fixed

6.0.8

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-49925.json"