PT-2025-8539 · Linux+4 · Linux Kernel+4

Mustafa Ismail

Published

2022-07-05

Updated

2025-04-14

CVE-2022-49606

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A bug in the Linux kernel has been identified, specifically in the RDMA/irdma component. The issue arises when the qos mutex is taken to process RoCEv2 QP's on netdev events, resulting in a kernel splat. This occurs because the handling for RoCEv2 in irdma cm teardown connections uses the mutex, which is unnecessary for RoCEv2 and only required for iWARP. The error is indicated by a "sleeping function called from invalid context" message at kernel/locking/mutex, accompanied by a call trace.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Stack Overflow

Buffer Overflow

Improper Locking

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-121CWE-119CWE-667

Related Identifiers

BDU:2026-03701

CESA-2022_7683

CVE-2022-49606

RHSA-2022:7683

RHSA-2022:8267

RHSA-2022_7683

RHSA-2022_8267

SUSE-SU-2025:1027-1

SUSE-SU-2025:1176-1

SUSE-SU-2025:1183-1

SUSE-SU-2025:1241-1

SUSE-SU-2025_1027-1

SUSE-SU-2025_1241-1

Affected Products

Astra Linux

Centos

Linux Kernel

Red Hat

Suse

PT-2025-8539 · Linux+4 · Linux Kernel+4

CVE-2022-49606

Weakness Enumeration

Related Identifiers

Affected Products

References · 1333