CVE-2022-49433

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2022-49433

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-49433.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2022-49433

Related

UBUNTU-CVE-2022-49433

Published

2025-02-26T07:01:19Z

Modified

2025-02-26T19:01:21.689390Z

Summary

[none]

Details

In the Linux kernel, the following vulnerability has been resolved:

RDMA/hfi1: Prevent use of lock before it is initialized

If there is a failure during probe of hfi1 before the sdmamaplock is initialized, the call to hfi1freedevdata() will attempt to use a lock that has not been initialized. If the locking correctness validator is on then an INFO message and stack trace resembling the following may be seen:

INFO: trying to register non-static key. The code is fine but needs lockdep annotation, or maybe you didn't initialize this object before use? turning off the locking correctness validator. Call Trace: registerlockclass+0x11b/0x880 _lockacquire+0xf3/0x7930 lockacquire+0xff/0x2d0 _rawspinlockirq+0x46/0x60 sdmaclean+0x42a/0x660 [hfi1] hfi1freedevdata+0x3a7/0x420 [hfi1] initone+0x867/0x11a0 [hfi1] pcideviceprobe+0x40e/0x8d0

The use of sdmamaplock in sdmaclean() is for freeing the sdmamap memory, and sdmamap is not allocated/initialized until after sdmamaplock has been initialized. This code only needs to be run if sdmamap is not NULL, and so checking for that condition will avoid trying to use the lock before it is initialized.

References

Affected packages

Debian:11 / linux

Package

Name: linux
Purl: pkg:deb/debian/linux?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.10.127-1

Affected versions

5.*

5.10.46-4

5.10.46-5

5.10.70-1~bpo10+1

5.10.70-1

5.10.84-1

5.10.92-1~bpo10+1

5.10.92-1

5.10.92-2

5.10.103-1~bpo10+1

5.10.103-1

5.10.106-1

5.10.113-1

5.10.120-1~bpo10+1

5.10.120-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / linux

Package

Name: linux
Purl: pkg:deb/debian/linux?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.18.5-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / linux

Package

Name: linux
Purl: pkg:deb/debian/linux?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.18.5-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}