DEBIAN-CVE-2022-50426
- Source
- https://security-tracker.debian.org/tracker/CVE-2022-50426
- Import Source
- https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2022-50426.json
- JSON Data
- https://api.osv.dev/v1/vulns/DEBIAN-CVE-2022-50426
- Upstream
- Published
- 2025-10-01T12:15:34Z
- Modified
- 2025-10-02T09:00:43Z
- Summary
- [none]
- Details
-
In the Linux kernel, the following vulnerability has been resolved: remoteproc: imxdsprproc: Add mutex protection for workqueue The workqueue may execute late even after remoteproc is stopped or stopping, some resources (rpmsg device and endpoint) have been released in rprocstopsubdevices(), then rprocvqinterrupt() accessing these resources will cause kennel dump. Call trace: virtqueueaddsplit+0x1ac/0x560 virtqueueaddinbuf+0x4c/0x60 rpmsgrecvdone+0x15c/0x294 vringinterrupt+0x6c/0xa4 rprocvqinterrupt+0x30/0x50 imxdsprprocvqwork+0x24/0x40 [imxdsprproc] processonework+0x1d0/0x354 workerthread+0x13c/0x470 kthread+0x154/0x160 retfromfork+0x10/0x20 Add mutex protection in imxdsprprocvqwork(), if the state is not running, then just skip calling rprocvqinterrupt(). Also the flush workqueue operation can't be added in rproc stop for the same reason. The call sequence is rprocshutdown -> rprocstop ->rprocstopsubdevices ->rproc->ops->stop() ->imxdsprprocstop ->flushwork -> rprocvqinterrupt The resource needed by rprocvqinterrupt has been released in rprocstopsubdevices, so flushwork is not safe to be called in imxdsprprocstop.
- References
Affected packages
Debian:12 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source
Debian:13 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source
Debian:14 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source