CVE-2022-49651

high

Description

In the Linux kernel, the following vulnerability has been resolved: srcu: Tighten cleanup_srcu_struct() GP checks Currently, cleanup_srcu_struct() checks for a grace period in progress, but it does not check for a grace period that has not yet started but which might start at any time. Such a situation could result in a use-after-free bug, so this commit adds a check for a grace period that is needed but not yet started to cleanup_srcu_struct().

References

https://git.kernel.org/stable/c/e997dda6502eefbc1032d6b0da7b353c53344b07

https://git.kernel.org/stable/c/8ed00760203d8018bee042fbfe8e076579be2c2b

Details

Source: Mitre, NVD

Published: 2025-02-26

Updated: 2025-02-27

Risk Information

CVSS v2

Base Score: 6.8

Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:P/A:C

Severity: Medium

CVSS v3

Base Score: 7.8

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Severity: High

Detections

Analytics