摘要:
In the Linux kernel, the following vulnerability has been resolved:cgroup: Add missing cpus_read_lock() to cgroup_attach_task_all()syzbot is hitting percpu_rwsem_assert_held(&cpu_hotplug_lock) warning atcpuset_attach() [1], for commit 4f7e7236435ca0ab ( cgroup: Fixthreadgroup_rwsem <-> cpus_read_lock() deadlock ) missed thatcpuset_attach() is also called from cgroup_attach_task_all().Add cpus_read_lock() like what cgroup_procs_write_start() does.
安全等级: Low
公告ID: KylinSec-SA-2024-2777
发布日期: 2024年6月19日
关联CVE: CVE-2022-48671
In the Linux kernel, the following vulnerability has been resolved:cgroup: Add missing cpus_read_lock() to cgroup_attach_task_all()syzbot is hitting percpu_rwsem_assert_held(&cpu_hotplug_lock) warning atcpuset_attach() [1], for commit 4f7e7236435ca0ab ( cgroup: Fixthreadgroup_rwsem <-> cpus_read_lock() deadlock ) missed thatcpuset_attach() is also called from cgroup_attach_task_all().Add cpus_read_lock() like what cgroup_procs_write_start() does.
| cve名称 | 产品 | 组件 | 是否受影响 |
|---|---|---|---|
| CVE-2022-48671 | KY3.4-5A | kernel | Unaffected |
| CVE-2022-48671 | V6 | kernel | Unaffected |
