CVE-2022-48799

medium

Description

In the Linux kernel, the following vulnerability has been resolved: perf: Fix list corruption in perf_cgroup_switch() There's list corruption on cgrp_cpuctx_list. This happens on the following path: perf_cgroup_switch: list_for_each_entry(cgrp_cpuctx_list) cpu_ctx_sched_in ctx_sched_in ctx_pinned_sched_in merge_sched_in perf_cgroup_event_disable: remove the event from the list Use list_for_each_entry_safe() to allow removing an entry during iteration.

References

https://git.kernel.org/stable/c/f6b5d51976fcefef5732da3e3feb3ccff680f7c8

https://git.kernel.org/stable/c/a2ed7b29d0673ba361546e2d87dbbed149456c45

https://git.kernel.org/stable/c/7969fe91c9830e045901970e9d755b7505881d4a

https://git.kernel.org/stable/c/5f4e5ce638e6a490b976ade4a40017b40abb2da0

https://git.kernel.org/stable/c/5d76ed4223403f90421782adb2f20a9ecbc93186

https://git.kernel.org/stable/c/30d9f3cbe47e1018ddc8069ac5b5c9e66fbdf727

https://git.kernel.org/stable/c/2142bc1469a316fddd10012d76428f7265258f81

Details

Source: Mitre, NVD

Published: 2024-07-16

Updated: 2024-07-16

Risk Information

CVSS v2

Base Score: 4.3

Vector: CVSS2#AV:L/AC:L/Au:M/C:N/I:N/A:C

Severity: Medium

CVSS v3

Base Score: 4.4

Vector: CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

Severity: Medium