Bug 2099504 (CVE-2022-33981) - CVE-2022-33981 kernel: use-after-free in floppy driver may lead to a DoS
Summary: CVE-2022-33981 kernel: use-after-free in floppy driver may lead to a DoS
Alias: CVE-2022-33981
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
Depends On: 2140542
Blocks: 2099506
TreeView+ depends on / blocked
Reported: 2022-06-21 06:50 UTC by Marian Rehak
Modified: 2023-08-30 16:53 UTC (History)
57 users (show)

Fixed In Version: kernel 5.17.6
Doc Type: If docs needed, set a value
Doc Text:
A use-after-free flaw was found in drivers/block/floppy.c in floppy drive in the Linux Kernel. This issue could allow a local attacker to crash the system due to a race problem between raw_cmd_ioctl and seek_interrupt, which can lead to a kernel information leak.
Clone Of:
Last Closed: 2022-12-04 04:33:45 UTC

Attachments (Terms of Use)

Description Marian Rehak 2022-06-21 06:50:45 UTC
drivers/block/floppy.c in the Linux kernel is vulnerable to a denial of service, because of a concurrency use-after-free flaw after deallocating raw_cmd in the raw_cmd_ioctl function.



Comment 7 Wade Mealing 2022-11-07 06:10:07 UTC
Created kernel tracking bugs for this issue:

Affects: fedora-all [bug 2140542]

Comment 9 Justin M. Forbes 2022-11-08 15:12:55 UTC
This was fixed for Fedora with the 5.17.6 stable kernel updates.

Comment 10 Product Security DevOps Team 2022-12-04 04:33:42 UTC
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):


Comment 11 Jan Pazdziora 2023-07-28 16:30:16 UTC
How was review and fix of this issue for RHEL kernel tracked / handled? I don't see any RHEL-specific bugzillas filed.

Note You need to log in before you can comment on or make changes to this bug.