CVE-2022-50107

If we hit the 'index == nextcached' case, we leak a refcount on the struct page. Fix this by using readaheadfolio() which takes care of the refcount for you.

Database specific

{
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/50xxx/CVE-2022-50107.json"
}

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

0174ee9947bd0f24fee2794b35258960d108b7aa

Fixed

7105b4047481bc2950fb767cff328d8b75292c0f

Fixed

ae497726cd090673a4d20ac725ccc2de8067a7a5

Fixed

c6f62f81b488d00afaa86bae26c6ce9ab12c709e

Affected versions

v5.*

v5.17

v5.17-rc2

v5.17-rc3

v5.17-rc4

v5.17-rc5

v5.17-rc6

v5.17-rc7

v5.17-rc8

v5.18

v5.18-rc1

v5.18-rc2

v5.18-rc3

v5.18-rc4

v5.18-rc5

v5.18-rc6

v5.18-rc7

v5.18.1

v5.18.10

v5.18.11

v5.18.12

v5.18.13

v5.18.14

v5.18.15

v5.18.16

v5.18.17

v5.18.2

v5.18.3

v5.18.4

v5.18.5

v5.18.6

v5.18.7

v5.18.8

v5.18.9

v5.19

v5.19-rc1

v5.19-rc2

v5.19-rc3

v5.19-rc4

v5.19-rc5

v5.19-rc6

v5.19-rc7

v5.19-rc8

v5.19.1

Database specific

vanir_signatures

[
    {
        "digest": {
            "length": 2914.0,
            "function_hash": "230821950903832299319728491959706330732"
        },
        "signature_version": "v1",
        "deprecated": false,
        "signature_type": "Function",
        "id": "CVE-2022-50107-4ddb217a",
        "target": {
            "function": "cifs_readahead",
            "file": "fs/cifs/file.c"
        },
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@ae497726cd090673a4d20ac725ccc2de8067a7a5"
    },
    {
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "24609134603884348776121141707874001750",
                "153816890423514921317386473338669222315",
                "209764473953788380252734874959719235709",
                "199825194465164832399604038967757875879",
                "240078198890172746213033137984853811483",
                "190737432502391207857374554798016688666",
                "186050897140563619749603210175231895479",
                "305038487132987824748179852156813130011",
                "324740949931227336066523226142869851569",
                "177719415538858395348786024996904967786"
            ]
        },
        "signature_version": "v1",
        "deprecated": false,
        "signature_type": "Line",
        "id": "CVE-2022-50107-9e46da47",
        "target": {
            "file": "fs/cifs/file.c"
        },
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@7105b4047481bc2950fb767cff328d8b75292c0f"
    },
    {
        "digest": {
            "length": 2914.0,
            "function_hash": "230821950903832299319728491959706330732"
        },
        "signature_version": "v1",
        "deprecated": false,
        "signature_type": "Function",
        "id": "CVE-2022-50107-b4ab094f",
        "target": {
            "function": "cifs_readahead",
            "file": "fs/cifs/file.c"
        },
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@c6f62f81b488d00afaa86bae26c6ce9ab12c709e"
    },
    {
        "digest": {
            "length": 2914.0,
            "function_hash": "230821950903832299319728491959706330732"
        },
        "signature_version": "v1",
        "deprecated": false,
        "signature_type": "Function",
        "id": "CVE-2022-50107-bc3f6638",
        "target": {
            "function": "cifs_readahead",
            "file": "fs/cifs/file.c"
        },
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@7105b4047481bc2950fb767cff328d8b75292c0f"
    },
    {
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "24609134603884348776121141707874001750",
                "153816890423514921317386473338669222315",
                "209764473953788380252734874959719235709",
                "199825194465164832399604038967757875879",
                "240078198890172746213033137984853811483",
                "190737432502391207857374554798016688666",
                "186050897140563619749603210175231895479",
                "305038487132987824748179852156813130011",
                "324740949931227336066523226142869851569",
                "177719415538858395348786024996904967786"
            ]
        },
        "signature_version": "v1",
        "deprecated": false,
        "signature_type": "Line",
        "id": "CVE-2022-50107-de4664c4",
        "target": {
            "file": "fs/cifs/file.c"
        },
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@c6f62f81b488d00afaa86bae26c6ce9ab12c709e"
    },
    {
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "24609134603884348776121141707874001750",
                "153816890423514921317386473338669222315",
                "209764473953788380252734874959719235709",
                "199825194465164832399604038967757875879",
                "240078198890172746213033137984853811483",
                "190737432502391207857374554798016688666",
                "186050897140563619749603210175231895479",
                "305038487132987824748179852156813130011",
                "324740949931227336066523226142869851569",
                "177719415538858395348786024996904967786"
            ]
        },
        "signature_version": "v1",
        "deprecated": false,
        "signature_type": "Line",
        "id": "CVE-2022-50107-e9394d41",
        "target": {
            "file": "fs/cifs/file.c"
        },
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@ae497726cd090673a4d20ac725ccc2de8067a7a5"
    }
]

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-50107.json"