Bug 2348045 (CVE-2022-49089)
| Summary: | CVE-2022-49089 kernel: IB/rdmavt: add lock to call to rvt_error_qp to prevent a race condition | ||
|---|---|---|---|
| Product: | [Other] Security Response | Reporter: | OSIDB Bzimport <bzimport> |
| Component: | vulnerability | Assignee: | Product Security DevOps Team <prodsec-dev> |
| Status: | NEW --- | QA Contact: | |
| Severity: | medium | Docs Contact: | |
| Priority: | medium | ||
| Version: | unspecified | CC: | dfreiber, drow, jburrell, vkumar |
| Target Milestone: | --- | Keywords: | Security |
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | If docs needed, set a value | |
| Doc Text: |
A flaw was found in the Linux kernel’s RDMA subsystem, which supports high-speed networking. Due to a missing safety check, two parts of the system could try to handle an error at the same time. This race condition could cause unexpected behavior or a system crash. A local user with access to RDMA hardware could potentially trigger this issue. The highest impact is system instability or denial of service. The problem was fixed by adding proper safeguards to prevent multiple processes from interfering with each other during error handling.
|
Story Points: | --- |
| Clone Of: | Environment: | ||
| Last Closed: | Type: | --- | |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
|
Description
OSIDB Bzimport
2025-02-26 03:15:43 UTC
|