Description

In the Linux kernel, the following vulnerability has been resolved: net/9p: use a dedicated spinlock for trans_fd Shamelessly copying the explanation from Tetsuo Handa's suggested patch[1] (slightly reworded): syzbot is reporting inconsistent lock state in p9_req_put()[2], for p9_tag_remove() from p9_req_put() from IRQ context is using spin_lock_irqsave() on "struct p9_client"->lock but trans_fd (not from IRQ context) is using spin_lock(). Since the locks actually protect different things in client.c and in trans_fd.c, just replace trans_fd.c's lock by a new one specific to the transport (client.c's protect the idr for fid/tag allocations, while trans_fd.c's protects its own req list and request status field that acts as the transport's state machine)

INFO

Published Date :

2025-05-01T14:09:04.896Z

Last Modified :

2025-12-23T13:25:46.981Z

Source :

Linux
AFFECTED PRODUCTS

The following products are affected by CVE-2022-49765 vulnerability.

Vendors Products
Linux
  • Linux Kernel
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2022-49765.

URL Resource
https://git.kernel.org/stable/c/296ab4a813841ba1d5f40b03190fd1bd8f25aab0 cve-icon cve-icon
https://git.kernel.org/stable/c/43bbadb7e4636dc02f6a283c2a39e6438e6173cd cve-icon cve-icon
https://git.kernel.org/stable/c/717b9b4f38703d7f5293059e3a242d16f76fa045 cve-icon cve-icon
https://lore.kernel.org/linux-cve-announce/2025050113-CVE-2022-49765-731b@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2022-49765 cve-icon
https://www.cve.org/CVERecord?id=CVE-2022-49765 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact