CVE-2022-49655 (GCVE-0-2022-49655)
Vulnerability from cvelistv5
Published
2025-02-26 02:23
Modified
2025-05-04 08:42
Severity ?
Summary
In the Linux kernel, the following vulnerability has been resolved: fscache: Fix invalidation/lookup race If an NFS file is opened for writing and closed, fscache_invalidate() will be asked to invalidate the file - however, if the cookie is in the LOOKING_UP state (or the CREATING state), then request to invalidate doesn't get recorded for fscache_cookie_state_machine() to do something with. Fix this by making __fscache_invalidate() set a flag if it sees the cookie is in the LOOKING_UP state to indicate that we need to go to invalidation. Note that this requires a count on the n_accesses counter for the state machine, which that will release when it's done. fscache_cookie_state_machine() then shifts to the INVALIDATING state if it sees the flag. Without this, an nfs file can get corrupted if it gets modified locally and then read locally as the cache contents may not get updated.
Impacted products
Vendor Product Version
Linux Linux Version: d24af13e2e2358a602740c7817ea90da43d3e740
Version: d24af13e2e2358a602740c7817ea90da43d3e740
Create a notification for this product.
   Linux Linux Version: 5.17
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "fs/fscache/cookie.c",
            "include/linux/fscache.h"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "b1ae9f617f8a5c848d9205b8e228c6f0d1af754b",
              "status": "affected",
              "version": "d24af13e2e2358a602740c7817ea90da43d3e740",
              "versionType": "git"
            },
            {
              "lessThan": "85e4ea1049c70fb99de5c6057e835d151fb647da",
              "status": "affected",
              "version": "d24af13e2e2358a602740c7817ea90da43d3e740",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "fs/fscache/cookie.c",
            "include/linux/fscache.h"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.17"
            },
            {
              "lessThan": "5.17",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.18.*",
              "status": "unaffected",
              "version": "5.18.11",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.19",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.18.11",
                  "versionStartIncluding": "5.17",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.19",
                  "versionStartIncluding": "5.17",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nfscache: Fix invalidation/lookup race\n\nIf an NFS file is opened for writing and closed, fscache_invalidate() will\nbe asked to invalidate the file - however, if the cookie is in the\nLOOKING_UP state (or the CREATING state), then request to invalidate\ndoesn\u0027t get recorded for fscache_cookie_state_machine() to do something\nwith.\n\nFix this by making __fscache_invalidate() set a flag if it sees the cookie\nis in the LOOKING_UP state to indicate that we need to go to invalidation.\nNote that this requires a count on the n_accesses counter for the state\nmachine, which that will release when it\u0027s done.\n\nfscache_cookie_state_machine() then shifts to the INVALIDATING state if it\nsees the flag.\n\nWithout this, an nfs file can get corrupted if it gets modified locally and\nthen read locally as the cache contents may not get updated."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-05-04T08:42:40.760Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/b1ae9f617f8a5c848d9205b8e228c6f0d1af754b"
        },
        {
          "url": "https://git.kernel.org/stable/c/85e4ea1049c70fb99de5c6057e835d151fb647da"
        }
      ],
      "title": "fscache: Fix invalidation/lookup race",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2022-49655",
    "datePublished": "2025-02-26T02:23:55.483Z",
    "dateReserved": "2025-02-26T02:21:30.434Z",
    "dateUpdated": "2025-05-04T08:42:40.760Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.


Loading…