In the Linux kernel, the following vulnerability has been resolved:

mptcp: fix sleep in atomic at close time

Matt reported a splat at msk close time:

    BUG: sleeping function called from invalid context at net/mptcp/protocol.c:2877
    in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 155, name: packetdrill
    preempt_count: 201, expected: 0
    RCU nest depth: 0, expected: 0
    4 locks held by packetdrill/155:
    #0: ffff888001536990 (&sb->s_type->i_mutex_key#6){+.+.}-{3:3}, at: __sock_release (net/socket.c:650)
    #1: ffff88800b498130 (sk_lock-AF_INET){+.+.}-{0:0}, at: mptcp_close (net/mptcp/protocol.c:2973)
    #2: ffff88800b49a130 (sk_lock-AF_INET/1){+.+.}-{0:0}, at: __mptcp_close_ssk (net/mptcp/protocol.c:2363)
    #3: ffff88800b49a0b0 (slock-AF_INET){+...}-{2:2}, at: __lock_sock_fast (include/net/sock.h:1820)
    Preemption disabled at: 0x0
    CPU: 1 PID: 155 Comm: packetdrill Not tainted 6.1.0-rc5 #365
    Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.15.0-1 04/01/2014
    Call Trace:
    <TASK>
    dump_stack_lvl (lib/dump_stack.c:107 (discriminator 4))
    __might_resched.cold (kernel/sched/core.c:9891)
    __mptcp_destroy_sock (include/linux/kernel.h:110)
    __mptcp_close (net/mptcp/protocol.c:2959)
    mptcp_subflow_queue_clean (include/net/sock.h:1777)
    __mptcp_close_ssk (net/mptcp/protocol.c:2363)
    mptcp_destroy_common (net/mptcp/protocol.c:3170)
    mptcp_destroy (include/net/sock.h:1495)
    __mptcp_destroy_sock (net/mptcp/protocol.c:2886)
    __mptcp_close (net/mptcp/protocol.c:2959)
    mptcp_close (net/mptcp/protocol.c:2974)
    inet_release (net/ipv4/af_inet.c:432)
    __sock_release (net/socket.c:651)
    sock_close (net/socket.c:1367)
    __fput (fs/file_table.c:320)
    task_work_run (kernel/task_work.c:181 (discriminator 1))
    exit_to_user_mode_prepare (include/linux/resume_user_mode.h:49)
    syscall_exit_to_user_mode (kernel/entry/common.c:130)
    do_syscall_64 (arch/x86/entry/common.c:87)
    entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:120)

We can't call mptcp_close under the 'fast' socket lock variant, replace it with a sock_lock_nested() as the relevant code is already under the listening msk socket lock protection.
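A triage helper for this kind of splat, added here as an example and not taken from the kernel tree or the original advisory: it decodes the `preempt_count` value and lists the held locks so the lock that made the context atomic is visible at a glance. The function names `decode_preempt_count` and `triage` are hypothetical, and the bit layout is assumed from `include/linux/preempt.h` (8 preempt bits, 8 softirq bits, 4 hardirq bits).

```python
import re

# Excerpt of the splat quoted on this page.
SPLAT = """\
BUG: sleeping function called from invalid context at net/mptcp/protocol.c:2877
in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 155, name: packetdrill
preempt_count: 201, expected: 0
4 locks held by packetdrill/155:
#0: ffff888001536990 (&sb->s_type->i_mutex_key#6){+.+.}-{3:3}, at: __sock_release (net/socket.c:650)
#1: ffff88800b498130 (sk_lock-AF_INET){+.+.}-{0:0}, at: mptcp_close (net/mptcp/protocol.c:2973)
#2: ffff88800b49a130 (sk_lock-AF_INET/1){+.+.}-{0:0}, at: __mptcp_close_ssk (net/mptcp/protocol.c:2363)
#3: ffff88800b49a0b0 (slock-AF_INET){+...}-{2:2}, at: __lock_sock_fast (include/net/sock.h:1820)
"""

# "#N: <addr> (<lock class>){usage}-{outer:inner}, at: <function> (...)"
LOCK_RE = re.compile(r"#(\d+): \S+ \((.+?)\)\{[^}]*\}-\{\d+:\d+\}, at: (\S+)")

def decode_preempt_count(value):
    """Split preempt_count into its fields (layout assumed, see lead-in)."""
    softirq = (value >> 8) & 0xFF
    return {
        "preempt_depth": value & 0xFF,            # preempt_disable() nesting
        "in_softirq_handler": bool(softirq & 1),  # SOFTIRQ_OFFSET bit
        "bh_disable_depth": softirq >> 1,         # local_bh_disable() nesting
        "hardirq_depth": (value >> 16) & 0xF,
    }

def triage(splat):
    """Summarise a 'sleeping function called from invalid context' report."""
    site = re.search(r"invalid context at (\S+)", splat).group(1)
    # The kernel prints preempt_count with %x, so "201" is hexadecimal.
    count = int(re.search(r"preempt_count: ([0-9a-f]+)", splat).group(1), 16)
    # lockdep lists held locks in acquisition order: the last one is innermost.
    locks = [(cls, fn) for _, cls, fn in LOCK_RE.findall(splat)]
    result = decode_preempt_count(count)
    result.update(sleep_site=site, held=len(locks),
                  innermost_lock=locks[-1] if locks else None)
    return result

if __name__ == "__main__":
    for key, value in triage(SPLAT).items():
        print(f"{key}: {value}")
```

For the splat above this reports a preempt depth of 1 and a BH-disable depth of 1 with `slock-AF_INET` (taken in `__lock_sock_fast`) as the innermost lock, which matches the fix description: the sleeping call ran while the 'fast' socket lock was held.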