CVE-2022-2938
published 2022-08-23CVE-2022-2938: A flaw was found in the Linux kernel's implementation of Pressure Stall Information. While the feature is disabled by default, it could allow an attacker to…
high7.8CVSS 3.1
AVLACLPRLUINSUCHIHAH
A flaw was found in the Linux kernel's implementation of Pressure Stall Information. While the feature is disabled by default, it could allow an attacker to crash the system or have other memory-corruption side effects.
Affected
14 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | linux | < linux 5.16.7-1 (bookworm) | linux 5.16.7-1 (bookworm) |
| fedoraproject | fedora | — | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | >= 0 < 5.10.103-1 | 5.10.103-1 |
| linux | linux_kernel | >= 0 < 5.16.7-1 | 5.16.7-1 |
| linux | linux_kernel | >= 0 < 5.16.7-1 | 5.16.7-1 |
| linux | linux_kernel | >= 0 < 5.16.7-1 | 5.16.7-1 |
| linux | linux_kernel | >= 5.11 < 5.15.19 | 5.15.19 |
| linux | linux_kernel | >= 5.16 < 5.16.5 | 5.16.5 |
| linux | linux_kernel | >= 5.2 < 5.4.177 | 5.4.177 |
| linux | linux_kernel | >= 5.5 < 5.10.97 | 5.10.97 |
| msrc | cbl2_kernel_5.15.67.1-4_on_cbl_mariner_2.0 | — | — |
| msrc | cm1_kernel_5.10.134.1-2_on_cbl_mariner_1.0 | — | — |
| redhat | enterprise_linux | — | — |
CVSS provenance
nvdv3.17.8HIGHCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
osv7.8HIGH
Microsoft
A flaw was found in the Linux kernel's implementation of Pressure Stall Information. While the feature is disabled by default it could allow an attacker to crash the system or have other memory-corrup
vendor_msrc·2022-08-09·CVSS 7.8
CVE-2022-2938 [HIGH] CWE-416 A flaw was found in the Linux kernel's implementation of Pressure Stall Information. While the feature is disabled by default it could allow an attacker to crash the system or have other memory-corrup
A flaw was found in the Linux kernel's implementation of Pressure Stall Information. While the feature is disabled by default it could allow an attacker to crash the system or have other memory-corruption side effects.
FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?
One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See this blog post for more information. If impact to additional products is identified,
Red Hat
kernel: use-after-free when psi trigger is destroyed while being polled
vendor_redhat·2022-01-10·CVSS 7.8
CVE-2022-2938 [HIGH] CWE-416 kernel: use-after-free when psi trigger is destroyed while being polled
kernel: use-after-free when psi trigger is destroyed while being polled
A flaw was found in the Linux kernel's implementation of Pressure Stall Information. While the feature is disabled by default, it could allow an attacker to crash the system or have other memory-corruption side effects.
A flaw was found in the Linux kernel’s implementation of Pressure Stall Information. While the feature is disabled by default, it could allow an attacker to crash the system or have other memory-corruption side effects.
Statement: The Pressure Stall Subsystem (PSI) is disabled by default on Red Hat kernels, if the feature has not been explicitly enabled using a kernel boot time parameter of 'psi=1', the system is not affected.
Package: kernel (Red Hat Enterprise Linux 5) - Out of support scope
Pack
Debian
CVE-2022-2938: linux - A flaw was found in the Linux kernel's implementation of Pressure Stall Informat...
vendor_debian·2022·CVSS 7.8
CVE-2022-2938 [HIGH] CVE-2022-2938: linux - A flaw was found in the Linux kernel's implementation of Pressure Stall Informat...
A flaw was found in the Linux kernel's implementation of Pressure Stall Information. While the feature is disabled by default, it could allow an attacker to crash the system or have other memory-corruption side effects.
Scope: local
bookworm: resolved (fixed in 5.16.7-1)
bullseye: resolved (fixed in 5.10.103-1)
forky: resolved (fixed in 5.16.7-1)
sid: resolved (fixed in 5.16.7-1)
trixie: resolved (fixed in 5.16.7-1)
GHSA
GHSA-c84m-fxrm-chfh: A flaw was found in the Linux kernel's implementation of Pressure Stall Information
ghsa_unreviewed·2022-08-24
CVE-2022-2938 [HIGH] CWE-416 GHSA-c84m-fxrm-chfh: A flaw was found in the Linux kernel's implementation of Pressure Stall Information
A flaw was found in the Linux kernel's implementation of Pressure Stall Information. While the feature is disabled by default, it could allow an attacker to crash the system or have other memory-corruption side effects.
OSV
CVE-2022-2938: A flaw was found in the Linux kernel's implementation of Pressure Stall Information
osv·2022-08-23·CVSS 7.8
CVE-2022-2938 [HIGH] CVE-2022-2938: A flaw was found in the Linux kernel's implementation of Pressure Stall Information
A flaw was found in the Linux kernel's implementation of Pressure Stall Information. While the feature is disabled by default, it could allow an attacker to crash the system or have other memory-corruption side effects.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=a06247c6804f1a7c86a2e5398a4c1f1db1471848https://security.netapp.com/advisory/ntap-20221223-0002/https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=a06247c6804f1a7c86a2e5398a4c1f1db1471848https://security.netapp.com/advisory/ntap-20221223-0002/
2022-08-23
Published