Description

In the Linux kernel, the following vulnerability has been resolved: Input: iforce - wake up after clearing IFORCE_XMIT_RUNNING flag syzbot is reporting hung task at __input_unregister_device() [1], for iforce_close() waiting at wait_event_interruptible() with dev->mutex held is blocking input_disconnect_device() from __input_unregister_device(). It seems that the cause is simply that commit c2b27ef672992a20 ("Input: iforce - wait for command completion when closing the device") forgot to call wake_up() after clear_bit(). Fix this problem by introducing a helper that calls clear_bit() followed by wake_up_all().

INFO

Published Date :

2025-06-18T11:00:16.928Z

Last Modified :

2025-06-18T11:00:16.928Z

Source :

Linux
AFFECTED PRODUCTS

The following products are affected by CVE-2022-49954 vulnerability.

Vendors Products
Linux
  • Linux Kernel
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2022-49954.

URL Resource
https://git.kernel.org/stable/c/98e01215708b6d416345465c09dce2bd4868c67a cve-icon cve-icon
https://git.kernel.org/stable/c/b271090eea3899399e2adcf79c9c95367d472b03 cve-icon cve-icon
https://git.kernel.org/stable/c/b533b9d3a0d1327cbb31c201dc8dbbf98c8bfe3c cve-icon cve-icon
https://git.kernel.org/stable/c/d186c65599bff0222da37b9215784ddfe39f9e1b cve-icon cve-icon
https://git.kernel.org/stable/c/df1b53bc799d58f79701c465505a206c72ad4ab8 cve-icon cve-icon
https://lore.kernel.org/linux-cve-announce/2025061811-CVE-2022-49954-97f4@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2022-49954 cve-icon
https://www.cve.org/CVERecord?id=CVE-2022-49954 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact