PT-2022-7518 · Linux+3 · Linux Kernel+3

Reinette Chatre · Published 2022-12-28 · Updated 2025-01-03 · CVE-2022-48868

CVSS v3.1: 5.5 Medium

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions

Linux kernel (affected versions not specified)

Description

The issue is related to the workqueue enabling process in the Linux kernel. When the driver is removed, it assumes that the workqueue was enabled successfully and attempts to free allocations made during workqueue enabling. However, if the workqueue enabling fails, the driver can still be loaded, and this can lead to problematic flows.

For example, if idxd_wq_request_irq() fails, idxd_wq_unmap_portal() is called on the error exit path, but drv_enable_wq() returns 0 because idxd_wq_disable() succeeds. This allows the driver to be loaded successfully, but it can trigger a WARN in devm_iounmap() when the driver is unloaded.

Another example is when idxd_wq_request_irq() fails, and idxd_wq_init_percpu_ref() is never called to initialize the percpu counter, yet the driver loads successfully because drv_enable_wq() returns 0. This can trigger a BUG when attempting to drop the initial ref of the uninitialized percpu ref.

The fix involves returning the original error that indicates failure of workqueue enabling in the drv_enable_wq() error path.

Recommendations

At the moment, there is no information about a newer version that contains a fix for this vulnerability.
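
The error-path flaw from the description, as an added example that is not taken from the kernel source: a simplified user-space C model in which every struct and function name (model_wq, model_enable and so on) is hypothetical. It shows the enable routine reporting the cleanup step's result instead of the original error, and the state the later remove path then finds.

```c
#include <errno.h>
#include <stdbool.h>
#include <stdio.h>

/* User-space model only: every name below is hypothetical, not kernel code. */
struct model_wq {
    bool portal_mapped;   /* stands in for the mapped portal */
    bool ref_initialized; /* stands in for the initialized percpu ref */
    bool irq_fails;       /* constructed fault injection */
};

static int model_request_irq(const struct model_wq *wq) { return wq->irq_fails ? -EIO : 0; }
static int model_disable(struct model_wq *wq) { (void)wq; return 0; } /* cleanup succeeds */

/* Shared body; keep_error selects the flawed or the corrected error path. */
static int model_enable(struct model_wq *wq, bool keep_error)
{
    int rc, cleanup_rc;
    wq->portal_mapped = true;
    rc = model_request_irq(wq);
    if (rc < 0)
        goto err_irq;
    wq->ref_initialized = true;
    return 0;
err_irq:
    wq->portal_mapped = false;          /* portal unmapped on the error exit */
    cleanup_rc = model_disable(wq);
    if (cleanup_rc < 0)
        fprintf(stderr, "model: disable failed (%d)\n", cleanup_rc);
    /* Flawed: report the cleanup result (0). Corrected: report the original error. */
    return keep_error ? rc : cleanup_rc;
}

int enable_wq_flawed(struct model_wq *wq) { return model_enable(wq, false); }
int enable_wq_fixed(struct model_wq *wq)  { return model_enable(wq, true); }

/* Teardown steps that would act on state the failed enable never set up. */
int remove_invalid_ops(const struct model_wq *wq)
{
    return (wq->portal_mapped ? 0 : 1) + (wq->ref_initialized ? 0 : 1);
}

int main(void)
{
    struct model_wq a = { .irq_fails = true }, b = { .irq_fails = true };
    int flawed = enable_wq_flawed(&a), fixed = enable_wq_fixed(&b);
    printf("flawed rc=%d fixed rc=%d invalid ops=%d\n", flawed, fixed, remove_invalid_ops(&a));
    return 0;
}
```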

Exploit

NULL Pointer Dereference

Weakness Enumeration

Related Identifiers

BDU:2024-06856
CVE-2022-48868
OESA-2024-2569
OESA-2024-2571
OESA-2025-1016
OPENSUSE-SU-2024_3190-1
OPENSUSE-SU-2024_3209-1
OPENSUSE-SU-2024_3408-1
OPENSUSE-SU-2024_3483-1
SUSE-SU-2024:3190-1
SUSE-SU-2024:3209-1
SUSE-SU-2024:3227-1
SUSE-SU-2024:3408-1
SUSE-SU-2024:3483-1

Affected Products

Astra Linux
Linux Kernel
Red Os
Suse