PT-2025-8588 · Linux+3 · Linux Kernel+3

Max Kellermann

Published

2022-07-05

Updated

2025-04-14

CVE-2022-49655

CVSS v3.1

4.7

Medium

Vector

AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A race condition exists in the Linux kernel's fscache, specifically when handling NFS files. If an NFS file is opened for writing, closed, and then modified locally, the cache contents may not be updated, potentially leading to file corruption. This issue arises when the cookie is in the LOOKING UP state and the request to invalidate doesn't get recorded. The fix involves setting a flag in fscache invalidate() to indicate the need for invalidation when the cookie is in the LOOKING UP state.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Race Condition

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-362CWE-371

Related Identifiers

BDU:2026-03987

CVE-2022-49655

RHSA-2023:2458

RHSA-2023_2458

SUSE-SU-2025:1176-1

SUSE-SU-2025:1241-1

SUSE-SU-2025_1241-1

Affected Products

Astra Linux

Linux Kernel

Red Hat

Suse

PT-2025-8588 · Linux+3 · Linux Kernel+3

CVE-2022-49655

Weakness Enumeration

Related Identifiers

Affected Products

References · 1303