CVE-2022-48939

LOW

Linux kernel - Info Disclosure

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: bpf: Add schedule points in batch ops syzbot reported various soft lockups caused by bpf batch operations. INFO: task kworker/1:1:27 blocked for more than 140 seconds. INFO: task hung in rcu_barrier Nothing prevents batch ops to process huge amount of data, we need to add schedule points in them. Note that maybe_wait_bpf_programs(map) calls from generic_map_delete_batch() can be factorized by moving the call after the loop. This will be done later in -next tree once we get this fix merged, unless there is strong opinion doing this optimization sooner.

References (4)

[Patch] https://git.kernel.org/stable/c/75134f16e7dd0007aa474b281935c5f42e79f2c8

[Patch] https://git.kernel.org/stable/c/7e8099967d0e3ff9d1ae043e80b27fbe46c08417

[Patch] https://git.kernel.org/stable/c/7ef94bfb08fb9e73defafbd5ddef6b5a0e2ee12b

[Patch] https://git.kernel.org/stable/c/8628f489b749a4f9767991631921dbe3fbcdc784

Scores

CVSS v3 3.3

EPSS 0.0003

EPSS Percentile 7.9%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-834

Status published

Products (4)

linux/Kernel 5.11.0 - 5.15.26linux

linux/Kernel 5.16.0 - 5.16.12linux

linux/Kernel 5.6.0 - 5.10.103linux

linux/linux_kernel 5.6 - 5.10.103

Published Aug 22, 2024

Tracked Since Feb 18, 2026