Bug 2235493 (CVE-2022-47022) - CVE-2022-47022 hwloc: null pointer dereference bug in open-mpi hwloc
Summary: CVE-2022-47022 hwloc: null pointer dereference bug in open-mpi hwloc
Status: NEW
Alias: CVE-2022-47022
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
Target Milestone: ---
Assignee: Product Security
QA Contact:
Depends On: 2236259 2235494 2235495 2235496 2235497
Blocks: 2235492
TreeView+ depends on / blocked
Reported: 2023-08-28 21:30 UTC by Chess Hazlett
Modified: 2023-09-11 07:05 UTC (History)
1 user (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
A flaw was found in open-mpi/hwloc. A NULL pointer dereference in the hwloc_linux_set_tid_cpubind function in topology-linux.c may cause the application to crash and lead to a denial of service in certain conditions.
Clone Of:
Last Closed:

Attachments (Terms of Use)

Description Chess Hazlett 2023-08-28 21:30:54 UTC
An issue was discovered in open-mpi hwloc 2.1.0 allows attackers to cause a denial of service or other unspecified impacts via glibc-cpuset in topology-linux.c.

Comment 2 Pedro Sampaio 2023-08-30 20:13:01 UTC
Created hwloc tracking bugs for this issue:

Affects: fedora-all [bug 2236259]

Note You need to log in before you can comment on or make changes to this bug.