Vulnerabilities > CVE-2022-49542 - Improper Locking vulnerability in Linux Kernel

CVSS 5.5 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

local

low complexity

linux

CWE-667

NVD

Published: 2025-02-26

Updated: 2025-03-10

Summary

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Move cfg_log_verbose check before calling lpfc_dmp_dbg() In an attempt to log message 0126 with LOG_TRACE_EVENT, the following hard lockup call trace hangs the system. Call Trace: _raw_spin_lock_irqsave+0x32/0x40 lpfc_dmp_dbg.part.32+0x28/0x220 [lpfc] lpfc_cmpl_els_fdisc+0x145/0x460 [lpfc] lpfc_sli_cancel_jobs+0x92/0xd0 [lpfc] lpfc_els_flush_cmd+0x43c/0x670 [lpfc] lpfc_els_flush_all_cmd+0x37/0x60 [lpfc] lpfc_sli4_async_event_proc+0x956/0x1720 [lpfc] lpfc_do_work+0x1485/0x1d70 [lpfc] kthread+0x112/0x130 ret_from_fork+0x1f/0x40 Kernel panic - not syncing: Hard LOCKUP The same CPU tries to claim the phba->port_list_lock twice. Move the cfg_log_verbose checks as part of the lpfc_printf_vlog() and lpfc_printf_log() macros before calling lpfc_dmp_dbg(). There is no need to take the phba->port_list_lock within lpfc_dmp_dbg().

Vulnerable Configurations

Part	Description	Count
OS	Linux Linux Linux Kernel 5.16 Linux Linux Kernel 5.16.0 Linux Linux Kernel 5.16.1 Linux Linux Kernel 5.16.2 Linux Linux Kernel 5.16.3 Linux Linux Kernel 5.16.4 Linux Linux Kernel 5.16.5 Linux Linux Kernel 5.16.6 Linux Linux Kernel 5.16.7 Linux Linux Kernel 5.16.8 Linux Linux Kernel 5.16.9 Linux Linux Kernel 5.16.10 Linux Linux Kernel 5.16.11 Linux Linux Kernel 5.16.12 Linux Linux Kernel 5.16.13 Linux Linux Kernel 5.16.14 Linux Linux Kernel 5.16.15 Linux Linux Kernel 5.16.16 Linux Linux Kernel 5.16.17 Linux Linux Kernel 5.16.18 Linux Linux Kernel 5.16.19 Linux Linux Kernel 5.16.20 Linux Linux Kernel 5.16.62 Linux Linux Kernel 5.17 Linux Linux Kernel 5.17.1 Linux Linux Kernel 5.17.2 Linux Linux Kernel 5.17.3 Linux Linux Kernel 5.17.4 Linux Linux Kernel 5.17.5 Linux Linux Kernel 5.17.6 Linux Linux Kernel 5.17.7 Linux Linux Kernel 5.17.8 Linux Linux Kernel 5.17.9 Linux Linux Kernel 5.17.10 Linux Linux Kernel 5.17.11 Linux Linux Kernel 5.17.12 Linux Linux Kernel 5.17.13 Linux Linux Kernel 5.18.1 Linux Linux Kernel 5.18.2 Linux Linux Kernel *	56

Common Weakness Enumeration (CWE)

CWE-667 - Improper Locking

Common Attack Pattern Enumeration and Classification (CAPEC)

Leveraging Race Conditions
This attack targets a race condition occurring when multiple processes access and manipulate the same resource concurrently and the outcome of the execution depends on the particular order in which the access takes place. The attacker can leverage a race condition by "running the race", modifying the resource and modifying the normal execution flow. For instance a race condition can occur while accessing a file, the attacker can trick the system by replacing the original file with his version and cause the system to read the malicious file.
Leveraging Race Conditions via Symbolic Links
This attack leverages the use of symbolic links (Symlinks) in order to write to sensitive files. An attacker can create a Symlink link to a target file not otherwise accessible to her. When the privileged program tries to create a temporary file with the same name as the Symlink link, it will actually write to the target file pointed to by the attackers' Symlink link. If the attacker can insert malicious content in the temporary file she will be writing to the sensitive file by using the Symlink. The race occurs because the system checks if the temporary file exists, then creates the file. The attacker would typically create the Symlink during the interval between the check and the creation of the temporary file.

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

Common Attack Pattern Enumeration and Classification (CAPEC)

References