In the Linux kernel, the following vulnerability has been resolved:
ceph: avoid putting the realm twice when decoding snaps fails
When decoding the snaps fails it maybe leaving the 'firstrealm' and 'realm' pointing to the same snaprealm memory. And then it'll put it twice and could cause random use-after-free, BUGON, etc issues.
[ { "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@2f6e2de3a5289004650118b61f138fe7c28e1905", "signature_version": "v1", "target": { "file": "fs/ceph/snap.c", "function": "ceph_update_snap_trace" }, "digest": { "length": 2752.0, "function_hash": "274108742944457448667472598143524806276" }, "deprecated": false, "signature_type": "Function", "id": "CVE-2022-49770-05170757" }, { "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@51884d153f7ec85e18d607b2467820a90e0f4359", "signature_version": "v1", "target": { "file": "fs/ceph/snap.c", "function": "ceph_update_snap_trace" }, "digest": { "length": 2732.0, "function_hash": "196493430386578456088169513408936023671" }, "deprecated": false, "signature_type": "Function", "id": "CVE-2022-49770-3031f7ac" }, { "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@274e4c79a3a2a24fba7cfe0e41113f1138785c37", "signature_version": "v1", "target": { "file": "fs/ceph/snap.c" }, "digest": { "line_hashes": [ "321656084745881684939642955774910259062", "324844467979559744373939990257620043891", "8081984238575992336325732312250798976", "100121541184490151944830894241289203414", "23628319177126917659351295719261729254", "164924244296744209028458456414011923327", "237001387014411723718166497308583666253", "309255969816380188529351035575141050874" ], "threshold": 0.9 }, "deprecated": false, "signature_type": "Line", "id": "CVE-2022-49770-313afb93" }, { "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@044bc6d3c2c0e9090b0841e7b723875756534b45", "signature_version": "v1", "target": { "file": "fs/ceph/snap.c" }, "digest": { "line_hashes": [ "321656084745881684939642955774910259062", "324844467979559744373939990257620043891", "8081984238575992336325732312250798976", "100121541184490151944830894241289203414", "13657934491562981659832251875999084522", "182059605964948828478624920599352513616", "237001387014411723718166497308583666253", "309255969816380188529351035575141050874" ], "threshold": 0.9 }, "deprecated": false, "signature_type": "Line", "id": "CVE-2022-49770-37ccce4b" }, { "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@cb7495fe957526555782ce0723f79ce92a6db22e", "signature_version": "v1", "target": { "file": "fs/ceph/snap.c" }, "digest": { "line_hashes": [ "321656084745881684939642955774910259062", "324844467979559744373939990257620043891", "8081984238575992336325732312250798976", "100121541184490151944830894241289203414", "13657934491562981659832251875999084522", "182059605964948828478624920599352513616", "237001387014411723718166497308583666253", "309255969816380188529351035575141050874" ], "threshold": 0.9 }, "deprecated": false, "signature_type": "Line", "id": "CVE-2022-49770-6a8084ef" }, { "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@274e4c79a3a2a24fba7cfe0e41113f1138785c37", "signature_version": "v1", "target": { "file": "fs/ceph/snap.c", "function": "ceph_update_snap_trace" }, "digest": { "length": 2718.0, "function_hash": "7894147921204594853553541705923907825" }, "deprecated": false, "signature_type": "Function", "id": "CVE-2022-49770-79225a66" }, { "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@fd879c83e87735ab8f00ef7755752cf0cbae24b2", "signature_version": "v1", "target": { "file": "fs/ceph/snap.c" }, "digest": { "line_hashes": [ "321656084745881684939642955774910259062", "324844467979559744373939990257620043891", "8081984238575992336325732312250798976", "100121541184490151944830894241289203414", "196648101736436521332392197557976688246", "199559485529096779883347295555004340979", "327665691974725888679157689113831251561", "309255969816380188529351035575141050874" ], "threshold": 0.9 }, "deprecated": false, "signature_type": "Line", "id": "CVE-2022-49770-79954f4d" }, { "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@51884d153f7ec85e18d607b2467820a90e0f4359", "signature_version": "v1", "target": { "file": "fs/ceph/snap.c" }, "digest": { "line_hashes": [ "321656084745881684939642955774910259062", "324844467979559744373939990257620043891", "8081984238575992336325732312250798976", "100121541184490151944830894241289203414", "196648101736436521332392197557976688246", "199559485529096779883347295555004340979", "327665691974725888679157689113831251561", "309255969816380188529351035575141050874" ], "threshold": 0.9 }, "deprecated": false, "signature_type": "Line", "id": "CVE-2022-49770-7c46ef40" }, { "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@044bc6d3c2c0e9090b0841e7b723875756534b45", "signature_version": "v1", "target": { "file": "fs/ceph/snap.c", "function": "ceph_update_snap_trace" }, "digest": { "length": 2755.0, "function_hash": "81324611583122622398330850164873693251" }, "deprecated": false, "signature_type": "Function", "id": "CVE-2022-49770-b6ba3893" }, { "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@fd879c83e87735ab8f00ef7755752cf0cbae24b2", "signature_version": "v1", "target": { "file": "fs/ceph/snap.c", "function": "ceph_update_snap_trace" }, "digest": { "length": 2732.0, "function_hash": "196493430386578456088169513408936023671" }, "deprecated": false, "signature_type": "Function", "id": "CVE-2022-49770-c267459c" }, { "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@cb7495fe957526555782ce0723f79ce92a6db22e", "signature_version": "v1", "target": { "file": "fs/ceph/snap.c", "function": "ceph_update_snap_trace" }, "digest": { "length": 2755.0, "function_hash": "81324611583122622398330850164873693251" }, "deprecated": false, "signature_type": "Function", "id": "CVE-2022-49770-c834331c" }, { "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@2f6e2de3a5289004650118b61f138fe7c28e1905", "signature_version": "v1", "target": { "file": "fs/ceph/snap.c" }, "digest": { "line_hashes": [ "321656084745881684939642955774910259062", "324844467979559744373939990257620043891", "8081984238575992336325732312250798976", "100121541184490151944830894241289203414", "13657934491562981659832251875999084522", "182059605964948828478624920599352513616", "237001387014411723718166497308583666253", "309255969816380188529351035575141050874" ], "threshold": 0.9 }, "deprecated": false, "signature_type": "Line", "id": "CVE-2022-49770-fea06e8f" } ]