5.5
CVE-2025-22072
- EPSS 0.18%
- Veröffentlicht 16.04.2025 14:12:24
- Zuletzt bearbeitet 03.11.2025 20:17:42
- Quelle 416baaa9-dc9f-4396-8d5f-8c081f
- CVE-Watchlists
- Unerledigt
spufs: fix gang directory lifetimes
In the Linux kernel, the following vulnerability has been resolved: spufs: fix gang directory lifetimes prior to "[POWERPC] spufs: Fix gang destroy leaks" we used to have a problem with gang lifetimes - creation of a gang returns opened gang directory, which normally gets removed when that gets closed, but if somebody has created a context belonging to that gang and kept it alive until the gang got closed, removal failed and we ended up with a leak. Unfortunately, it had been fixed the wrong way. Dentry of gang directory was no longer pinned, and rmdir on close was gone. One problem was that failure of open kept calling simple_rmdir() as cleanup, which meant an unbalanced dput(). Another bug was in the success case - gang creation incremented link count on root directory, but that was no longer undone when gang got destroyed. Fix consists of * reverting the commit in question * adding a counter to gang, protected by ->i_rwsem of gang directory inode. * having it set to 1 at creation time, dropped in both spufs_dir_close() and spufs_gang_close() and bumped in spufs_create_context(), provided that it's not 0. * using simple_recursive_removal() to take the gang directory out when counter reaches zero.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version >= 2.6.23 < 6.1.134
Linux ≫ Linux Kernel Version >= 6.2 < 6.6.87
Linux ≫ Linux Kernel Version >= 6.7 < 6.12.23
Linux ≫ Linux Kernel Version >= 6.13 < 6.13.11
Linux ≫ Linux Kernel Version >= 6.14 < 6.14.2
Linux ≫ Linux Kernel Version2.6.22 Update-
Linux ≫ Linux Kernel Version2.6.22 Updaterc5
Linux ≫ Linux Kernel Version2.6.22 Updaterc6
Linux ≫ Linux Kernel Version2.6.22 Updaterc7
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.18% | 0.073 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.5 | 1.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
|
https://git.kernel.org/stable/c/880e7b3da2e765c1f90c94c0539be039e96c7062
https://git.kernel.org/stable/c/324f280806aab28ef757aecc18df419676c10ef8
https://git.kernel.org/stable/c/029d8c711f5e5fe8cf63e8a4a1a140a06e224e45
https://git.kernel.org/stable/c/903733782f3ae28a2f7fe4dfb47c7fe3e079a528
https://git.kernel.org/stable/c/fc646a6c6d14b5d581f162a7e32999f789e3a3ac
https://git.kernel.org/stable/c/c134deabf4784e155d360744d4a6a835b9de4dd4
https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html