{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2022-49651", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2025-02-26T02:21:30.433Z", "datePublished": "2025-02-26T02:23:53.496Z", "dateUpdated": "2025-02-27T18:22:31.366Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-02-26T02:23:53.496Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nsrcu: Tighten cleanup_srcu_struct() GP checks\n\nCurrently, cleanup_srcu_struct() checks for a grace period in progress,\nbut it does not check for a grace period that has not yet started but\nwhich might start at any time. Such a situation could result in a\nuse-after-free bug, so this commit adds a check for a grace period that\nis needed but not yet started to cleanup_srcu_struct()."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["kernel/rcu/srcutree.c"], "versions": [{"version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "lessThan": "e997dda6502eefbc1032d6b0da7b353c53344b07", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "lessThan": "8ed00760203d8018bee042fbfe8e076579be2c2b", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["kernel/rcu/srcutree.c"], "versions": [{"version": "5.18.11", "lessThanOrEqual": "5.18.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.19", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "references": [{"url": "https://git.kernel.org/stable/c/e997dda6502eefbc1032d6b0da7b353c53344b07"}, {"url": "https://git.kernel.org/stable/c/8ed00760203d8018bee042fbfe8e076579be2c2b"}], "title": "srcu: Tighten cleanup_srcu_struct() GP checks", "x_generator": {"engine": "bippy-5f407fcff5a0"}}, "adp": [{"metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2022-49651", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-02-27T18:15:18.409911Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-416", "description": "CWE-416 Use After Free"}]}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-02-27T18:22:31.366Z"}}]}}

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2022-49651", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2025-02-26T02:21:30.433Z", "datePublished": "2025-02-26T02:23:53.496Z", "dateUpdated": "2025-02-27T18:22:31.366Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-02-26T02:23:53.496Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nsrcu: Tighten cleanup_srcu_struct() GP checks\n\nCurrently, cleanup_srcu_struct() checks for a grace period in progress,\nbut it does not check for a grace period that has not yet started but\nwhich might start at any time. Such a situation could result in a\nuse-after-free bug, so this commit adds a check for a grace period that\nis needed but not yet started to cleanup_srcu_struct()."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["kernel/rcu/srcutree.c"], "versions": [{"version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "lessThan": "e997dda6502eefbc1032d6b0da7b353c53344b07", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "lessThan": "8ed00760203d8018bee042fbfe8e076579be2c2b", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["kernel/rcu/srcutree.c"], "versions": [{"version": "5.18.11", "lessThanOrEqual": "5.18.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.19", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "references": [{"url": "https://git.kernel.org/stable/c/e997dda6502eefbc1032d6b0da7b353c53344b07"}, {"url": "https://git.kernel.org/stable/c/8ed00760203d8018bee042fbfe8e076579be2c2b"}], "title": "srcu: Tighten cleanup_srcu_struct() GP checks", "x_generator": {"engine": "bippy-5f407fcff5a0"}}, "adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2022-49651", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-02-27T18:15:18.409911Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-416", "description": "CWE-416 Use After Free"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-02-27T18:15:19.669Z"}}]}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "87059C94-C259-4650-B469-625FE475651B", "versionEndExcluding": "5.18.11", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nsrcu: Tighten cleanup_srcu_struct() GP checks\n\nCurrently, cleanup_srcu_struct() checks for a grace period in progress,\nbut it does not check for a grace period that has not yet started but\nwhich might start at any time. Such a situation could result in a\nuse-after-free bug, so this commit adds a check for a grace period that\nis needed but not yet started to cleanup_srcu_struct()."}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: srcu: Reforzar las comprobaciones de GP de cleanup_srcu_struct() Actualmente, cleanup_srcu_struct() comprueba si hay un per\u00edodo de gracia en curso, pero no comprueba si hay un per\u00edodo de gracia que a\u00fan no ha comenzado pero que podr\u00eda comenzar en cualquier momento. Una situaci\u00f3n de este tipo podr\u00eda dar lugar a un error de use-after-free, por lo que esta confirmaci\u00f3n a\u00f1ade una comprobaci\u00f3n de un per\u00edodo de gracia que es necesario pero que a\u00fan no ha comenzado a cleanup_srcu_struct()."}], "id": "CVE-2022-49651", "lastModified": "2025-03-24T19:03:58.443", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2025-02-26T07:01:40.237", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/8ed00760203d8018bee042fbfe8e076579be2c2b"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/e997dda6502eefbc1032d6b0da7b353c53344b07"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-416"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{"bugzilla": {"description": "kernel: srcu: Tighten cleanup_srcu_struct() GP checks", "id": "2347649", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2347649"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.5", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "status": "draft"}, "cwe": "CWE-459", "details": ["In the Linux kernel, the following vulnerability has been resolved:\nsrcu: Tighten cleanup_srcu_struct() GP checks\nCurrently, cleanup_srcu_struct() checks for a grace period in progress,\nbut it does not check for a grace period that has not yet started but\nwhich might start at any time. Such a situation could result in a\nuse-after-free bug, so this commit adds a check for a grace period that\nis needed but not yet started to cleanup_srcu_struct()."], "name": "CVE-2022-49651", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Out of support scope", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2025-02-26T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2022-49651\nhttps://nvd.nist.gov/vuln/detail/CVE-2022-49651\nhttps://lore.kernel.org/linux-cve-announce/2025022620-CVE-2022-49651-601b@gregkh/T"], "threat_severity": "Moderate"}