-

CVE-2022-50676

EPSS 0.03%
Veröffentlicht 09.12.2025 01:29:29
Zuletzt bearbeitet 09.12.2025 18:37:13
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Unerledigt
Login

In the Linux kernel, the following vulnerability has been resolved:

net: rds: don't hold sock lock when cancelling work from rds_tcp_reset_callbacks()

syzbot is reporting lockdep warning at rds_tcp_reset_callbacks() [1], for
commit ac3615e7f3cffe2a ("RDS: TCP: Reduce code duplication in
rds_tcp_reset_callbacks()") added cancel_delayed_work_sync() into a section
protected by lock_sock() without realizing that rds_send_xmit() might call
lock_sock().

We don't need to protect cancel_delayed_work_sync() using lock_sock(), for
even if rds_{send,recv}_worker() re-queued this work while __flush_work()
 from cancel_delayed_work_sync() was waiting for this work to complete,
retried rds_{send,recv}_worker() is no-op due to the absence of RDS_CONN_UP
bit.

Betroffene Produkte Warnungen 0 Metriken 1 CWE 0 Referenzen 12

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerLinux

≫

Produkt Linux

Default Statusunaffected

Version < 5d2ba255e93211e541373469dffbda7c99dfa0e5

Version ac3615e7f3cffe2a1a6b25172dfd09e138593d82

Status affected

Version < 2425007c0967a7c04b0dee7cce05ecf0ca869ad1

Version ac3615e7f3cffe2a1a6b25172dfd09e138593d82

Status affected

Version < e3cb25d3ad08f5dbd53ce2b31720cad529944322

Version ac3615e7f3cffe2a1a6b25172dfd09e138593d82

Status affected

Version < 360aa7219285fac63dab99706a16f2daf3222abe

Version ac3615e7f3cffe2a1a6b25172dfd09e138593d82

Status affected

Version < da349221c4d2d4ac5f606c1c3b36d4ef0b3e6a0c

Version ac3615e7f3cffe2a1a6b25172dfd09e138593d82

Status affected

Version < 30bfa5aa7228eb1e67663d67e553627e572cc717

Version ac3615e7f3cffe2a1a6b25172dfd09e138593d82

Status affected

Version < c380c28ab9b15fc53565909c814f6dd3e7f77c4b

Version ac3615e7f3cffe2a1a6b25172dfd09e138593d82

Status affected

Version < afe7053c390fe8ff27d0c2ceaece5625283044ba

Version ac3615e7f3cffe2a1a6b25172dfd09e138593d82

Status affected

Version < a91b750fd6629354460282bbf5146c01b05c4859

Version ac3615e7f3cffe2a1a6b25172dfd09e138593d82

Status affected

HerstellerLinux

≫

Produkt Linux

Default Statusaffected

Version 4.8

Status affected

Version < 4.8

Version 0

Status unaffected

Version <= 4.9.*

Version 4.9.331

Status unaffected

Version <= 4.14.*

Version 4.14.296

Status unaffected

Version <= 4.19.*

Version 4.19.262

Status unaffected

Version <= 5.4.*

Version 5.4.220

Status unaffected

Version <= 5.10.*

Version 5.10.150

Status unaffected

Version <= 5.15.*

Version 5.15.75

Status unaffected

Version <= 5.19.*

Version 5.19.17

Status unaffected

Version <= 6.0.*

Version 6.0.3

Status unaffected

Version <= *

Version 6.1

Status unaffected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.03%	0.091

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String

https://git.kernel.org/stable/c/5d2ba255e93211e541373469dffbda7c99dfa0e5

https://git.kernel.org/stable/c/2425007c0967a7c04b0dee7cce05ecf0ca869ad1

https://git.kernel.org/stable/c/e3cb25d3ad08f5dbd53ce2b31720cad529944322

https://git.kernel.org/stable/c/360aa7219285fac63dab99706a16f2daf3222abe

https://git.kernel.org/stable/c/da349221c4d2d4ac5f606c1c3b36d4ef0b3e6a0c

https://git.kernel.org/stable/c/30bfa5aa7228eb1e67663d67e553627e572cc717

https://git.kernel.org/stable/c/c380c28ab9b15fc53565909c814f6dd3e7f77c4b

https://git.kernel.org/stable/c/afe7053c390fe8ff27d0c2ceaece5625283044ba

https://git.kernel.org/stable/c/a91b750fd6629354460282bbf5146c01b05c4859

https://nvd.nist.gov/vuln/detail/CVE-2022-50676

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2022-50676

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2022-50676

EUVD