CVE-2022-50350

EPSS 0.02%
Veröffentlicht 16.09.2025 16:11:42
Zuletzt bearbeitet 17.09.2025 14:18:55
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
Teams Watchlist Login
Unerledigt Login

In the Linux kernel, the following vulnerability has been resolved:

scsi: target: iscsi: Fix a race condition between login_work and the login thread

In case a malicious initiator sends some random data immediately after a
login PDU; the iscsi_target_sk_data_ready() callback will schedule the
login_work and, at the same time, the negotiation may end without clearing
the LOGIN_FLAGS_INITIAL_PDU flag (because no additional PDU exchanges are
required to complete the login).

The login has been completed but the login_work function will find the
LOGIN_FLAGS_INITIAL_PDU flag set and will never stop from rescheduling
itself; at this point, if the initiator drops the connection, the
iscsit_conn structure will be freed, login_work will dereference a released
socket structure and the kernel crashes.

BUG: kernel NULL pointer dereference, address: 0000000000000230
PF: supervisor write access in kernel mode
PF: error_code(0x0002) - not-present page
Workqueue: events iscsi_target_do_login_rx [iscsi_target_mod]
RIP: 0010:_raw_read_lock_bh+0x15/0x30
Call trace:
 iscsi_target_do_login_rx+0x75/0x3f0 [iscsi_target_mod]
 process_one_work+0x1e8/0x3c0

Fix this bug by forcing login_work to stop after the login has been
completed and the socket callbacks have been restored.

Add a comment to clearify the return values of iscsi_target_do_login()

Betroffene Produkte Warnungen 0 Metriken 1 CWE 0 Referenzen 6

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerLinux

≫

Produkt Linux

Default Statusunaffected

Version < 1533b8b3058db618409f41554ebe768c2e3acfae

Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Status affected

Version < 3ecdca49ca49d4770639d81503c873b6d25887c4

Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Status affected

Version < fec1b2fa62c162d03f5dcd7b03e3c89d3116d49f

Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Status affected

HerstellerLinux

≫

Produkt Linux

Default Statusaffected

Version <= 6.0.*

Version 6.0.16

Status unaffected

Version <= 6.1.*

Version 6.1.2

Status unaffected

Version <= *

Version 6.2

Status unaffected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.02%	0.043

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String

https://git.kernel.org/stable/c/1533b8b3058db618409f41554ebe768c2e3acfae

https://git.kernel.org/stable/c/3ecdca49ca49d4770639d81503c873b6d25887c4

https://git.kernel.org/stable/c/fec1b2fa62c162d03f5dcd7b03e3c89d3116d49f

https://nvd.nist.gov/vuln/detail/CVE-2022-50350

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2022-50350

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2022-50350

EUVD