PT-2024-9268 · Linux+3 · Linux Kernel+3

Published

2024-06-20

Updated

2026-03-14

CVE-2022-48721

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 5.16.0

Description: The issue is related to the net/smc component of the Linux kernel, where a fallback from SMC to TCP can cause socket waitqueue entries to remain in smc socket->wq. This can lead to a crash when the clcsock waitqueue is being iterated over. The problem arises because the owners of these entries, such as epoll, are not aware that the entries have been transferred to a different socket wait queue and still use the original waitqueue spinlock. To fix this, a mechanism is needed to wake up smc socket->wq at the same time if some entries remain in it.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Improper Locking

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-667

Related Identifiers

BDU:2024-10956

CVE-2022-48721

OESA-2024-1860

OPENSUSE-SU-2024_2372-1

OPENSUSE-SU-2024_2394-1

SUSE-SU-2024:2372-1

SUSE-SU-2024:2394-1

SUSE-SU-2024:2902-1

SUSE-SU-2024:2929-1

SUSE-SU-2024:2939-1

Affected Products

Debian

Linux Kernel

Red Os

Suse

PT-2024-9268 · Linux+3 · Linux Kernel+3

CVE-2022-48721

Weakness Enumeration

Related Identifiers

Affected Products

References · 1229