vulnerability
Debian: CVE-2022-49413: linux -- security update
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 6 | (AV:L/AC:L/Au:S/C:N/I:C/A:C) | Feb 27, 2025 | Feb 27, 2025 | Mar 6, 2025 |
Severity
6
CVSS
(AV:L/AC:L/Au:S/C:N/I:C/A:C)
Published
Feb 27, 2025
Added
Feb 27, 2025
Modified
Mar 6, 2025
Description
In the Linux kernel, the following vulnerability has been resolved:
bfq: Update cgroup information before merging bio
When the process is migrated to a different cgroup (or in case of
writeback just starts submitting bios associated with a different
cgroup) bfq_merge_bio() can operate with stale cgroup information in
bic. Thus the bio can be merged to a request from a different cgroup or
it can result in merging of bfqqs for different cgroups or bfqqs of
already dead cgroups and causing possible use-after-free issues. Fix the
problem by updating cgroup information in bfq_merge_bio().
Solution
debian-upgrade-linux
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.