PT-2025-8200 · Linux+4 · Linux Kernel+4

Published

2022-11-08

·

Updated

2026-02-04

·

CVE-2022-49272

CVSS v3.1

5.5

Medium

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)
Description A potential deadlock issue was identified in the Linux kernel, specifically in the ALSA pcm component, between the buffer mutex and mmap lock. This issue could occur due to concurrent access via both ALSA and OSS APIs, potentially leading to an AB/BA deadlock. The problem arises when the OSS mmap operation is performed, allowing re-configuration of parameters while holding the mm->mmap mutex, and simultaneously, read/write operations take the mm->mmap lock internally. A similar issue was previously addressed using a refcount. The current patch resolves this by replacing the buffer mutex lock in read/write operations with a refcount, tracking concurrent access via the runtime->buffer accessing field.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Improper Locking

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-667

Related Identifiers

ALSA-2025_16880
CESA-2022_7683
CVE-2022-49272
OPENSUSE-SU-2025_1263-1
RHSA-2022:7683
RHSA-2022:8267
RHSA-2022_7683
RHSA-2022_8267
SUSE-SU-2025:0983-1
SUSE-SU-2025:1027-1
SUSE-SU-2025:1176-1
SUSE-SU-2025:1183-1
SUSE-SU-2025:1194-1
SUSE-SU-2025:1241-1
SUSE-SU-2025:1263-1
SUSE-SU-2025:1293-1
SUSE-SU-2025_0983-1
SUSE-SU-2025_1027-1
SUSE-SU-2025_1241-1
SUSE-SU-2025_1263-1
SUSE-SU-2025_1293-1
SUSE-SU-2026:0385-1

Affected Products

Astra Linux
Centos
Linux Kernel
Red Hat
Suse