vulnerability
Ubuntu: (CVE-2022-48816): linux vulnerability
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:L/AC:L/Au:S/C:N/I:N/A:C) | Jul 16, 2024 | Jun 26, 2025 | Oct 7, 2025 |
Severity
5
CVSS
(AV:L/AC:L/Au:S/C:N/I:N/A:C)
Published
Jul 16, 2024
Added
Jun 26, 2025
Modified
Oct 7, 2025
Description
In the Linux kernel, the following vulnerability has been resolved:
SUNRPC: lock against ->sock changing during sysfs read
->sock can be set to NULL asynchronously unless ->recv_mutex is held.
So it is important to hold that mutex. Otherwise a sysfs read can
trigger an oops.
Commit 17f09d3f619a ("SUNRPC: Check if the xprt is connected before
handling sysfs reads") appears to attempt to fix this problem, but it
only narrows the race window.
Solution
no-fix-ubuntu-package
References
- CVE-2022-48816
- https://attackerkb.com/topics/CVE-2022-48816
- CWE-476
- URL-https://git.kernel.org/linus/b49ea673e119f59c71645e2f65b3ccad857c90ee
- URL-https://git.kernel.org/stable/c/9482ab4540f5bcc869b44c067ae99b5fca16bd07
- URL-https://git.kernel.org/stable/c/b49ea673e119f59c71645e2f65b3ccad857c90ee
- URL-https://www.cve.org/CVERecord?id=CVE-2022-48816
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.