CVE-2022-49786

Source
https://nvd.nist.gov/vuln/detail/CVE-2022-49786
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-49786.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2022-49786
Published
2025-05-01T14:09:18Z
Modified
2025-10-14T23:52:15.667686Z
Summary
blk-cgroup: properly pin the parent in blkcg_css_online
Details

In the Linux kernel, the following vulnerability has been resolved:

blk-cgroup: properly pin the parent in blkcg_css_online

blkcg_css_online is supposed to pin the blkcg of the parent, but 397c9f46ee4d refactored things and along the way, changed it to pin the css instead. This results in extra pins, and we end up leaking blkcgs and cgroups.

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
397c9f46ee4d99024c64954b007c1b5762d01cb4
Fixed
d118247e404d6338f7b90636a3c6b95a387ed163
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
397c9f46ee4d99024c64954b007c1b5762d01cb4
Fixed
d7dbd43f4a828fa1d9a8614d5b0ac40aee6375fe

Affected versions

v5.*

v5.18
v5.18-rc4
v5.18-rc5
v5.18-rc6
v5.18-rc7
v5.19
v5.19-rc1
v5.19-rc2
v5.19-rc3
v5.19-rc4
v5.19-rc5
v5.19-rc6
v5.19-rc7
v5.19-rc8

v6.*

v6.0
v6.0-rc1
v6.0-rc2
v6.0-rc3
v6.0-rc4
v6.0-rc5
v6.0-rc6
v6.0-rc7
v6.0.1
v6.0.2
v6.0.3
v6.0.4
v6.0.5
v6.0.6
v6.0.7
v6.0.8
v6.0.9

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
5.19.0
Fixed
6.0.10