CVE-2022-49433

{"id": "CVE-2022-49433", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "[email protected]", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 1.8}]}, "published": "2025-02-26T07:01:19.763", "references": [{"url": "https://git.kernel.org/stable/c/05c03dfd09c069c4ffd783b47b2da5dcc9421f2c", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/288d198f50434f29b4a26a9de4394ae2305ad8af", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/30eb275e7ed588270ae159cc590a96658e0cfd8f", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/66090815a24ce14cf51ef5453fc0218fe8a39bc2", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/addb192000d8819c0b1553453994df9bb54c28db", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/ca55150bff5817af4f857a746ecab9862c23e12a", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/fc0750e659db7b315bf6348902cc8ca3cdd4b8d8", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "[email protected]", "description": [{"lang": "en", "value": "CWE-908"}]}], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/hfi1: Prevent use of lock before it is initialized\n\nIf there is a failure during probe of hfi1 before the sdma_map_lock is\ninitialized, the call to hfi1_free_devdata() will attempt to use a lock\nthat has not been initialized. If the locking correctness validator is on\nthen an INFO message and stack trace resembling the following may be seen:\n\n INFO: trying to register non-static key.\n The code is fine but needs lockdep annotation, or maybe\n you didn't initialize this object before use?\n turning off the locking correctness validator.\n Call Trace:\n register_lock_class+0x11b/0x880\n __lock_acquire+0xf3/0x7930\n lock_acquire+0xff/0x2d0\n _raw_spin_lock_irq+0x46/0x60\n sdma_clean+0x42a/0x660 [hfi1]\n hfi1_free_devdata+0x3a7/0x420 [hfi1]\n init_one+0x867/0x11a0 [hfi1]\n pci_device_probe+0x40e/0x8d0\n\nThe use of sdma_map_lock in sdma_clean() is for freeing the sdma_map\nmemory, and sdma_map is not allocated/initialized until after\nsdma_map_lock has been initialized. This code only needs to be run if\nsdma_map is not NULL, and so checking for that condition will avoid trying\nto use the lock before it is initialized."}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: RDMA/hfi1: Evitar el uso del bloqueo antes de que se inicialice Si hay un error durante el sondeo de hfi1 antes de que se inicialice sdma_map_lock, la llamada a hfi1_free_devdata() intentar\u00e1 usar un bloqueo que no se ha inicializado. Si el validador de correcci\u00f3n de bloqueo est\u00e1 activado, se puede ver un mensaje INFO y un seguimiento de pila similar al siguiente: INFO: intentando registrar una clave no est\u00e1tica. El c\u00f3digo est\u00e1 bien, pero necesita la anotaci\u00f3n lockdep, o tal vez no inicializ\u00f3 este objeto antes de usarlo. desactivando el validador de correcci\u00f3n de bloqueo. Rastreo de llamadas: register_lock_class+0x11b/0x880 __lock_acquire+0xf3/0x7930 lock_acquire+0xff/0x2d0 _raw_spin_lock_irq+0x46/0x60 sdma_clean+0x42a/0x660 [hfi1] hfi1_free_devdata+0x3a7/0x420 [hfi1] init_one+0x867/0x11a0 [hfi1] pci_device_probe+0x40e/0x8d0 El uso de sdma_map_lock en sdma_clean() es para liberar la memoria sdma_map, y sdma_map no se asigna/inicializa hasta que se haya inicializado sdma_map_lock. Este c\u00f3digo solo necesita ejecutarse si sdma_map no es NULL, por lo que verificar esa condici\u00f3n evitar\u00e1 intentar usar el bloqueo antes de que se inicialice."}], "lastModified": "2025-10-22T17:26:38.947", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "124A7CB6-C94A-4F4C-8056-82C1AD2F6580", "versionEndExcluding": "4.19.247", "versionStartIncluding": "4.3"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3EC49633-14DE-4EBD-BB80-76AE2E3EABB9", "versionEndExcluding": "5.4.198", "versionStartIncluding": "4.20"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "34ACD872-E5BC-401C-93D5-B357A62426E0", "versionEndExcluding": "5.10.121", "versionStartIncluding": "5.5"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "20D41697-0E8B-4B7D-8842-F17BF2AA21E1", "versionEndExcluding": "5.15.46", "versionStartIncluding": "5.11"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "15E2DD33-2255-4B76-9C15-04FF8CBAB252", "versionEndExcluding": "5.17.14", "versionStartIncluding": "5.16"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8E122216-2E9E-4B3E-B7B8-D575A45BA3C2", "versionEndExcluding": "5.18.3", "versionStartIncluding": "5.18"}], "operator": "OR"}]}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}