{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2022-49606", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2025-02-26T02:21:30.417Z", "datePublished": "2025-02-26T02:23:31.346Z", "dateUpdated": "2025-05-04T08:41:39.560Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-05-04T08:41:39.560Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/irdma: Fix sleep from invalid context BUG\n\nTaking the qos_mutex to process RoCEv2 QP's on netdev events causes a\nkernel splat.\n\nFix this by removing the handling for RoCEv2 in\nirdma_cm_teardown_connections that uses the mutex. This handling is only\nneeded for iWARP to avoid having connections established while the link is\ndown or having connections remain functional after the IP address is\nremoved.\n\n BUG: sleeping function called from invalid context at kernel/locking/mutex.\n Call Trace:\n kernel: dump_stack+0x66/0x90\n kernel: ___might_sleep.cold.92+0x8d/0x9a\n kernel: mutex_lock+0x1c/0x40\n kernel: irdma_cm_teardown_connections+0x28e/0x4d0 [irdma]\n kernel: ? check_preempt_curr+0x7a/0x90\n kernel: ? select_idle_sibling+0x22/0x3c0\n kernel: ? select_task_rq_fair+0x94c/0xc90\n kernel: ? irdma_exec_cqp_cmd+0xc27/0x17c0 [irdma]\n kernel: ? __wake_up_common+0x7a/0x190\n kernel: irdma_if_notify+0x3cc/0x450 [irdma]\n kernel: ? sched_clock_cpu+0xc/0xb0\n kernel: irdma_inet6addr_event+0xc6/0x150 [irdma]"}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/infiniband/hw/irdma/cm.c"], "versions": [{"version": "146b9756f14c04894226fb97e2f102f217139c27", "lessThan": "a4c5115140ed1833197bad9a6b80265840ff427f", "status": "affected", "versionType": "git"}, {"version": "146b9756f14c04894226fb97e2f102f217139c27", "lessThan": "2cae7e519032e4b4672cb9204d5586a441924364", "status": "affected", "versionType": "git"}, {"version": "146b9756f14c04894226fb97e2f102f217139c27", "lessThan": "cc0315564d6eec91c716d314b743321be24c70b3", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/infiniband/hw/irdma/cm.c"], "versions": [{"version": "5.14", "status": "affected"}, {"version": "0", "lessThan": "5.14", "status": "unaffected", "versionType": "semver"}, {"version": "5.15.58", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.18.15", "lessThanOrEqual": "5.18.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.19", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.14", "versionEndExcluding": "5.15.58"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.14", "versionEndExcluding": "5.18.15"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.14", "versionEndExcluding": "5.19"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/a4c5115140ed1833197bad9a6b80265840ff427f"}, {"url": "https://git.kernel.org/stable/c/2cae7e519032e4b4672cb9204d5586a441924364"}, {"url": "https://git.kernel.org/stable/c/cc0315564d6eec91c716d314b743321be24c70b3"}], "title": "RDMA/irdma: Fix sleep from invalid context BUG", "x_generator": {"engine": "bippy-1.2.0"}}}}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/irdma: Fix sleep from invalid context BUG\n\nTaking the qos_mutex to process RoCEv2 QP's on netdev events causes a\nkernel splat.\n\nFix this by removing the handling for RoCEv2 in\nirdma_cm_teardown_connections that uses the mutex. This handling is only\nneeded for iWARP to avoid having connections established while the link is\ndown or having connections remain functional after the IP address is\nremoved.\n\n BUG: sleeping function called from invalid context at kernel/locking/mutex.\n Call Trace:\n kernel: dump_stack+0x66/0x90\n kernel: ___might_sleep.cold.92+0x8d/0x9a\n kernel: mutex_lock+0x1c/0x40\n kernel: irdma_cm_teardown_connections+0x28e/0x4d0 [irdma]\n kernel: ? check_preempt_curr+0x7a/0x90\n kernel: ? select_idle_sibling+0x22/0x3c0\n kernel: ? select_task_rq_fair+0x94c/0xc90\n kernel: ? irdma_exec_cqp_cmd+0xc27/0x17c0 [irdma]\n kernel: ? __wake_up_common+0x7a/0x190\n kernel: irdma_if_notify+0x3cc/0x450 [irdma]\n kernel: ? sched_clock_cpu+0xc/0xb0\n kernel: irdma_inet6addr_event+0xc6/0x150 [irdma]"}], "id": "CVE-2022-49606", "lastModified": "2025-02-26T07:01:36.093", "metrics": {}, "published": "2025-02-26T07:01:36.093", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/2cae7e519032e4b4672cb9204d5586a441924364"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/a4c5115140ed1833197bad9a6b80265840ff427f"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/cc0315564d6eec91c716d314b743321be24c70b3"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Received"}

{"affected_release": [{"advisory": "RHSA-2022:7683", "cpe": "cpe:/o:redhat:enterprise_linux:8", "package": "kernel-0:4.18.0-425.3.1.el8", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2022-11-08T00:00:00Z"}, {"advisory": "RHSA-2022:8267", "cpe": "cpe:/a:redhat:enterprise_linux:9", "package": "kernel-0:5.14.0-162.6.1.el9_1", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2022-11-15T00:00:00Z"}, {"advisory": "RHSA-2022:8267", "cpe": "cpe:/o:redhat:enterprise_linux:9", "package": "kernel-0:5.14.0-162.6.1.el9_1", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2022-11-15T00:00:00Z"}], "bugzilla": {"description": "kernel: RDMA/irdma: Fix sleep from invalid context BUG", "id": "2348277", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2348277"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.5", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "status": "verified"}, "details": ["In the Linux kernel, the following vulnerability has been resolved:\nRDMA/irdma: Fix sleep from invalid context BUG\nTaking the qos_mutex to process RoCEv2 QP's on netdev events causes a\nkernel splat.\nFix this by removing the handling for RoCEv2 in\nirdma_cm_teardown_connections that uses the mutex. This handling is only\nneeded for iWARP to avoid having connections established while the link is\ndown or having connections remain functional after the IP address is\nremoved.\nBUG: sleeping function called from invalid context at kernel/locking/mutex.\nCall Trace:\nkernel: dump_stack+0x66/0x90\nkernel: ___might_sleep.cold.92+0x8d/0x9a\nkernel: mutex_lock+0x1c/0x40\nkernel: irdma_cm_teardown_connections+0x28e/0x4d0 [irdma]\nkernel: ? check_preempt_curr+0x7a/0x90\nkernel: ? select_idle_sibling+0x22/0x3c0\nkernel: ? select_task_rq_fair+0x94c/0xc90\nkernel: ? irdma_exec_cqp_cmd+0xc27/0x17c0 [irdma]\nkernel: ? __wake_up_common+0x7a/0x190\nkernel: irdma_if_notify+0x3cc/0x450 [irdma]\nkernel: ? sched_clock_cpu+0xc/0xb0\nkernel: irdma_inet6addr_event+0xc6/0x150 [irdma]"], "name": "CVE-2022-49606", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Out of support scope", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Fix deferred", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2025-02-26T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2022-49606\nhttps://nvd.nist.gov/vuln/detail/CVE-2022-49606\nhttps://lore.kernel.org/linux-cve-announce/2025022612-CVE-2022-49606-3753@gregkh/T"], "threat_severity": "Low"}