CVE-2022-49706— Linux kernel 安全漏洞
影响版本矩阵 10
| 厂商 | 产品 | 版本范围 | 状态 |
|---|---|---|---|
| Linux | Linux | 8dcc1a9d90c10fa4143e5c17821082e5e60e46a1< 355be6131164c5bacf2e810763835aecb6e01fcb | affected |
8dcc1a9d90c10fa4143e5c17821082e5e60e46a1< c2f71b9bb398e2e573bdc2574149f42b45efe410 | affected | ||
8dcc1a9d90c10fa4143e5c17821082e5e60e46a1< 3a7f05f104347b407e865c10be2675cd833a4e48 | affected | ||
8dcc1a9d90c10fa4143e5c17821082e5e60e46a1< c1c1204c0d0c1dccc1310b9277fb2bd8b663d8fe | affected | ||
5.6 | affected | ||
< 5.6 | unaffected | ||
5.10.125≤ 5.10.* | unaffected | ||
5.15.50≤ 5.15.* | unaffected | ||
| … +2 条更多 | |||
获取后续新漏洞提醒登录后订阅
一、 漏洞 CVE-2022-49706 基础信息
漏洞信息
对漏洞内容有疑问?看看神龙的深度分析是否有帮助!
查看神龙十问 ↗ 尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
zonefs: fix zonefs_iomap_begin() for reads
来源: 美国国家漏洞数据库 NVD
Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved: zonefs: fix zonefs_iomap_begin() for reads If a readahead is issued to a sequential zone file with an offset exactly equal to the current file size, the iomap type is set to IOMAP_UNWRITTEN, which will prevent an IO, but the iomap length is calculated as 0. This causes a WARN_ON() in iomap_iter(): [17309.548939] WARNING: CPU: 3 PID: 2137 at fs/iomap/iter.c:34 iomap_iter+0x9cf/0xe80 [...] [17309.650907] RIP: 0010:iomap_iter+0x9cf/0xe80 [...] [17309.754560] Call Trace: [17309.757078] <TASK> [17309.759240] ? lock_is_held_type+0xd8/0x130 [17309.763531] iomap_readahead+0x1a8/0x870 [17309.767550] ? iomap_read_folio+0x4c0/0x4c0 [17309.771817] ? lockdep_hardirqs_on_prepare+0x400/0x400 [17309.778848] ? lock_release+0x370/0x750 [17309.784462] ? folio_add_lru+0x217/0x3f0 [17309.790220] ? reacquire_held_locks+0x4e0/0x4e0 [17309.796543] read_pages+0x17d/0xb60 [17309.801854] ? folio_add_lru+0x238/0x3f0 [17309.807573] ? readahead_expand+0x5f0/0x5f0 [17309.813554] ? policy_node+0xb5/0x140 [17309.819018] page_cache_ra_unbounded+0x27d/0x450 [17309.825439] filemap_get_pages+0x500/0x1450 [17309.831444] ? filemap_add_folio+0x140/0x140 [17309.837519] ? lock_is_held_type+0xd8/0x130 [17309.843509] filemap_read+0x28c/0x9f0 [17309.848953] ? zonefs_file_read_iter+0x1ea/0x4d0 [zonefs] [17309.856162] ? trace_contention_end+0xd6/0x130 [17309.862416] ? __mutex_lock+0x221/0x1480 [17309.868151] ? zonefs_file_read_iter+0x166/0x4d0 [zonefs] [17309.875364] ? filemap_get_pages+0x1450/0x1450 [17309.881647] ? __mutex_unlock_slowpath+0x15e/0x620 [17309.888248] ? wait_for_completion_io_timeout+0x20/0x20 [17309.895231] ? lock_is_held_type+0xd8/0x130 [17309.901115] ? lock_is_held_type+0xd8/0x130 [17309.906934] zonefs_file_read_iter+0x356/0x4d0 [zonefs] [17309.913750] new_sync_read+0x2d8/0x520 [17309.919035] ? __x64_sys_lseek+0x1d0/0x1d0 Furthermore, this causes iomap_readahead() to loop forever as iomap_readahead_iter() always returns 0, making no progress. Fix this by treating reads after the file size as access to holes, setting the iomap type to IOMAP_HOLE, the iomap addr to IOMAP_NULL_ADDR and using the length argument as is for the iomap length. To simplify the code with this change, zonefs_iomap_begin() is split into the read variant, zonefs_read_iomap_begin() and zonefs_read_iomap_ops, and the write variant, zonefs_write_iomap_begin() and zonefs_write_iomap_ops.
来源: 美国国家漏洞数据库 NVD
CVSS Information
N/A
来源: 美国国家漏洞数据库 NVD
Vulnerability Type
N/A
来源: 美国国家漏洞数据库 NVD
Vulnerability Title
Linux kernel 安全漏洞
来源: 中国国家信息安全漏洞库 CNNVD
Vulnerability Description
Linux kernel是美国Linux基金会的开源操作系统Linux所使用的内核。 Linux kernel存在安全漏洞,该漏洞源于zonefs在处理读取时未正确处理iomap类型和长度。
来源: 中国国家信息安全漏洞库 CNNVD
CVSS Information
N/A
来源: 中国国家信息安全漏洞库 CNNVD
Vulnerability Type
N/A
来源: 中国国家信息安全漏洞库 CNNVD
受影响产品
二、漏洞 CVE-2022-49706 的公开POC
| # | POC 描述 | 源链接 | 神龙链接 |
|---|
AI 生成 POC高级
未找到公开 POC。
登录以生成 AI POC三、漏洞 CVE-2022-49706 的情报信息
请登录查看更多情报信息。
同批安全公告 · Linux · 2025-02-26 · 共 706 条
| CVE-2022-49496 | Linux kernel 安全漏洞 | |
| CVE-2022-49487 | Linux kernel 安全漏洞 | |
| CVE-2022-49486 | Linux kernel 安全漏洞 | |
| CVE-2022-49488 | Linux kernel 安全漏洞 | |
| CVE-2022-49489 | Linux kernel 安全漏洞 | |
| CVE-2022-49490 | Linux kernel 安全漏洞 | |
| CVE-2022-49491 | Linux kernel 安全漏洞 | |
| CVE-2022-49492 | Linux kernel 安全漏洞 | |
| CVE-2022-49493 | Linux kernel 安全漏洞 | |
| CVE-2022-49494 | Linux kernel 安全漏洞 | |
| CVE-2022-49495 | Linux kernel 安全漏洞 | |
| CVE-2022-49497 | Linux kernel 安全漏洞 | |
| CVE-2022-49503 | Linux kernel 安全漏洞 | |
| CVE-2022-49508 | Linux kernel 安全漏洞 | |
| CVE-2022-49506 | Linux kernel 安全漏洞 | |
| CVE-2022-49504 | Linux kernel 安全漏洞 | |
| CVE-2022-49505 | Linux kernel 安全漏洞 | |
| CVE-2022-49502 | Linux kernel 安全漏洞 | |
| CVE-2022-49499 | Linux kernel 安全漏洞 | |
| CVE-2022-49498 | Linux kernel 安全漏洞 |
显示前 20 条,共 706 条。 查看全部 → →
IV. Related Vulnerabilities
V. Comments for CVE-2022-49706
暂无评论