CVE-2022-48745

MEDIUM

Linux Kernel 5.10-5.10.96, 5.11-5.15.19, 5.16-5.16.5 - Race Condition in Timer Deactivation

Title source: llm
STIX 2.1

Description

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Use del_timer_sync in fw reset flow of halting poll Substitute del_timer() with del_timer_sync() in fw reset polling deactivation flow, in order to prevent a race condition which occurs when del_timer() is called and timer is deactivated while another process is handling the timer interrupt. A situation that led to the following call trace: RIP: 0010:run_timer_softirq+0x137/0x420 <IRQ> recalibrate_cpu_khz+0x10/0x10 ktime_get+0x3e/0xa0 ? sched_clock_cpu+0xb/0xc0 __do_softirq+0xf5/0x2ea irq_exit_rcu+0xc1/0xf0 sysvec_apic_timer_interrupt+0x9e/0xc0 asm_sysvec_apic_timer_interrupt+0x12/0x20 </IRQ>

References (4)

Core 4

Scores

CVSS v3 4.7
EPSS 0.0018
EPSS Percentile 7.5%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact partial

Details

CWE
CWE-362
Status published
Products (15)
linux/Kernel 5.10.0 - 5.10.97linux
linux/Kernel 5.11.0 - 5.15.20linux
linux/Kernel 5.16.0 - 5.16.6linux
Linux/Linux < 5.10
Linux/Linux 38b9f903f22b9baa5c4b9bfb07c8bbc49f5efbba - 2a038dd1d942f8fbc495c58fa592ff24af05f1c2
Linux/Linux 38b9f903f22b9baa5c4b9bfb07c8bbc49f5efbba - 3c5193a87b0fea090aa3f769d020337662d87b5e
Linux/Linux 38b9f903f22b9baa5c4b9bfb07c8bbc49f5efbba - 502c37b033fab7cde3e95a570af4f073306be45e
Linux/Linux 38b9f903f22b9baa5c4b9bfb07c8bbc49f5efbba - f895ebeb44d09d02674cfdd0cfc2bf687603918c
Linux/Linux 5.10
Linux/Linux 5.10.97 - 5.10.*
... and 5 more
Published Jun 20, 2024
Tracked Since Feb 18, 2026