| { |
| "containers": { |
| "cna": { |
| "providerMetadata": { |
| "orgId": "f4215fc3-5b6b-47ff-a258-f7189bd81038" |
| }, |
| "descriptions": [ |
| { |
| "lang": "en", |
| "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nIB/hfi1: Correctly move list in sc_disable()\n\nCommit 13bac861952a (\"IB/hfi1: Fix abba locking issue with sc_disable()\")\nincorrectly tries to move a list from one list head to another. The\nresult is a kernel crash.\n\nThe crash is triggered when a link goes down and there are waiters for a\nsend to complete. The following signature is seen:\n\n BUG: kernel NULL pointer dereference, address: 0000000000000030\n [...]\n Call Trace:\n sc_disable+0x1ba/0x240 [hfi1]\n pio_freeze+0x3d/0x60 [hfi1]\n handle_freeze+0x27/0x1b0 [hfi1]\n process_one_work+0x1b0/0x380\n ? process_one_work+0x380/0x380\n worker_thread+0x30/0x360\n ? process_one_work+0x380/0x380\n kthread+0xd7/0x100\n ? kthread_complete_and_exit+0x20/0x20\n ret_from_fork+0x1f/0x30\n\nThe fix is to use the correct call to move the list." |
| } |
| ], |
| "affected": [ |
| { |
| "product": "Linux", |
| "vendor": "Linux", |
| "defaultStatus": "unaffected", |
| "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", |
| "programFiles": [ |
| "drivers/infiniband/hw/hfi1/pio.c" |
| ], |
| "versions": [ |
| { |
| "version": "d997d4e4365f7e59cf6b59c70f966c56d704b64f", |
| "lessThan": "25760a41e3802f54aadcc31385543665ab349b8e", |
| "status": "affected", |
| "versionType": "git" |
| }, |
| { |
| "version": "d98883f6c33e0d960afedcecaa92fc2b61fec383", |
| "lessThan": "7c4260f8f188df32414a5ecad63e8b934c2aa3f0", |
| "status": "affected", |
| "versionType": "git" |
| }, |
| { |
| "version": "13bac861952a78664907a0f927d3e874e9a59034", |
| "lessThan": "ba95409d6b580501ff6d78efd00064f7df669926", |
| "status": "affected", |
| "versionType": "git" |
| }, |
| { |
| "version": "13bac861952a78664907a0f927d3e874e9a59034", |
| "lessThan": "b8bcff99b07cc175a6ee12a52db51cdd2229586c", |
| "status": "affected", |
| "versionType": "git" |
| }, |
| { |
| "version": "13bac861952a78664907a0f927d3e874e9a59034", |
| "lessThan": "1afac08b39d85437187bb2a92d89a741b1078f55", |
| "status": "affected", |
| "versionType": "git" |
| }, |
| { |
| "version": "5d33bd6b4d4d035e42733592899918a18f2540da", |
| "status": "affected", |
| "versionType": "git" |
| } |
| ] |
| }, |
| { |
| "product": "Linux", |
| "vendor": "Linux", |
| "defaultStatus": "affected", |
| "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", |
| "programFiles": [ |
| "drivers/infiniband/hw/hfi1/pio.c" |
| ], |
| "versions": [ |
| { |
| "version": "5.15", |
| "status": "affected" |
| }, |
| { |
| "version": "0", |
| "lessThan": "5.15", |
| "status": "unaffected", |
| "versionType": "semver" |
| }, |
| { |
| "version": "5.4.224", |
| "lessThanOrEqual": "5.4.*", |
| "status": "unaffected", |
| "versionType": "semver" |
| }, |
| { |
| "version": "5.10.154", |
| "lessThanOrEqual": "5.10.*", |
| "status": "unaffected", |
| "versionType": "semver" |
| }, |
| { |
| "version": "5.15.78", |
| "lessThanOrEqual": "5.15.*", |
| "status": "unaffected", |
| "versionType": "semver" |
| }, |
| { |
| "version": "6.0.8", |
| "lessThanOrEqual": "6.0.*", |
| "status": "unaffected", |
| "versionType": "semver" |
| }, |
| { |
| "version": "6.1", |
| "lessThanOrEqual": "*", |
| "status": "unaffected", |
| "versionType": "original_commit_for_fix" |
| } |
| ] |
| } |
| ], |
| "cpeApplicability": [ |
| { |
| "nodes": [ |
| { |
| "operator": "OR", |
| "negate": false, |
| "cpeMatch": [ |
| { |
| "vulnerable": true, |
| "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", |
| "versionStartIncluding": "5.4.157", |
| "versionEndExcluding": "5.4.224" |
| }, |
| { |
| "vulnerable": true, |
| "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", |
| "versionStartIncluding": "5.10.77", |
| "versionEndExcluding": "5.10.154" |
| }, |
| { |
| "vulnerable": true, |
| "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", |
| "versionStartIncluding": "5.15", |
| "versionEndExcluding": "5.15.78" |
| }, |
| { |
| "vulnerable": true, |
| "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", |
| "versionStartIncluding": "5.15", |
| "versionEndExcluding": "6.0.8" |
| }, |
| { |
| "vulnerable": true, |
| "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", |
| "versionStartIncluding": "5.15", |
| "versionEndExcluding": "6.1" |
| }, |
| { |
| "vulnerable": true, |
| "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", |
| "versionStartIncluding": "5.14.16" |
| } |
| ] |
| } |
| ] |
| } |
| ], |
| "references": [ |
| { |
| "url": "https://git.kernel.org/stable/c/25760a41e3802f54aadcc31385543665ab349b8e" |
| }, |
| { |
| "url": "https://git.kernel.org/stable/c/7c4260f8f188df32414a5ecad63e8b934c2aa3f0" |
| }, |
| { |
| "url": "https://git.kernel.org/stable/c/ba95409d6b580501ff6d78efd00064f7df669926" |
| }, |
| { |
| "url": "https://git.kernel.org/stable/c/b8bcff99b07cc175a6ee12a52db51cdd2229586c" |
| }, |
| { |
| "url": "https://git.kernel.org/stable/c/1afac08b39d85437187bb2a92d89a741b1078f55" |
| } |
| ], |
| "title": "IB/hfi1: Correctly move list in sc_disable()", |
| "x_generator": { |
| "engine": "bippy-1.2.0" |
| } |
| } |
| }, |
| "cveMetadata": { |
| "assignerOrgId": "f4215fc3-5b6b-47ff-a258-f7189bd81038", |
| "cveID": "CVE-2022-49931", |
| "requesterUserId": "gregkh@kernel.org", |
| "serial": "1", |
| "state": "PUBLISHED" |
| }, |
| "dataType": "CVE_RECORD", |
| "dataVersion": "5.0" |
| } |
