CVE-2022-49720
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
26/02/2025
Last modified:
01/10/2025
Description
In the Linux kernel, the following vulnerability has been resolved:<br />
<br />
block: Fix handling of offline queues in blk_mq_alloc_request_hctx()<br />
<br />
This patch prevents that test nvme/004 triggers the following:<br />
<br />
UBSAN: array-index-out-of-bounds in block/blk-mq.h:135:9<br />
index 512 is out of range for type &#39;long unsigned int [512]&#39;<br />
Call Trace:<br />
show_stack+0x52/0x58<br />
dump_stack_lvl+0x49/0x5e<br />
dump_stack+0x10/0x12<br />
ubsan_epilogue+0x9/0x3b<br />
__ubsan_handle_out_of_bounds.cold+0x44/0x49<br />
blk_mq_alloc_request_hctx+0x304/0x310<br />
__nvme_submit_sync_cmd+0x70/0x200 [nvme_core]<br />
nvmf_connect_io_queue+0x23e/0x2a0 [nvme_fabrics]<br />
nvme_loop_connect_io_queues+0x8d/0xb0 [nvme_loop]<br />
nvme_loop_create_ctrl+0x58e/0x7d0 [nvme_loop]<br />
nvmf_create_ctrl+0x1d7/0x4d0 [nvme_fabrics]<br />
nvmf_dev_write+0xae/0x111 [nvme_fabrics]<br />
vfs_write+0x144/0x560<br />
ksys_write+0xb7/0x140<br />
__x64_sys_write+0x42/0x50<br />
do_syscall_64+0x35/0x80<br />
entry_SYSCALL_64_after_hwframe+0x44/0xae
Impact
Base Score 3.x
7.80
Severity 3.x
HIGH
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 4.16 (including) | 5.10.214 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.11 (including) | 5.15.49 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.16 (including) | 5.18.6 (excluding) |
| cpe:2.3:o:linux:linux_kernel:5.19:rc1:*:*:*:*:*:* | ||
| cpe:2.3:o:linux:linux_kernel:5.19:rc2:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page