5.5

CVE-2022-48944

sched: Fix yet more sched_fork() races

In the Linux kernel, the following vulnerability has been resolved:

sched: Fix yet more sched_fork() races

Where commit 4ef0c5c6b5ba ("kernel/sched: Fix sched_fork() access an
invalid sched_task_group") fixed a fork race vs cgroup, it opened up a
race vs syscalls by not placing the task on the runqueue before it
gets exposed through the pidhash.

Commit 13765de8148f ("sched/fair: Fix fault in reweight_entity") is
trying to fix a single instance of this, instead fix the whole class
of issues, effectively reverting this commit.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 5.15.3 < 5.15.27
LinuxLinux Kernel Version >= 5.16 < 5.16.13
LinuxLinux Kernel Version5.10.80
LinuxLinux Kernel Version5.14.19
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.21% 0.11
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Es wurden noch keine Informationen zu CWE veröffentlicht.
https://git.kernel.org/stable/c/3411613611a5cddf7e80908010dc87cb527dd13b
Patch
https://git.kernel.org/stable/c/b1e8206582f9d680cff7d04828708c8b6ab32957
Patch
https://git.kernel.org/stable/c/c65cfd89cef669d90c59f3bf150af6458137a04f
Patch