CVE-2022-50373Race Condition in Linux

CWE-362Race Condition5 documents5 sources
Severity
4.7MEDIUMNVD
EPSS
0.0%
top 98.62%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
LinuxLinux KernelDebian Linux
Timeline
PublishedSep 17

Description

In the Linux kernel, the following vulnerability has been resolved: fs: dlm: fix race in lowcomms This patch fixes a race between queue_work() in _dlm_lowcomms_commit_msg() and srcu_read_unlock(). The queue_work() can take the final reference of a dlm_msg and so msg->idx can contain garbage which is signaled by the following warning: [ 676.237050] ------------[ cut here ]------------ [ 676.237052] WARNING: CPU: 0 PID: 1060 at include/linux/srcu.h:189 dlm_lowcomms_commit_msg+0x41/0x50 [ 676.23

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.0 | Impact: 3.6

Affected Packages4 packages

NVDlinux/linux_kernel5.165.19.17+2
Debianlinux/linux_kernel< 6.0.3-1+2
CVEListV5linux/linuxb38bc9c2b3171f4411d80015ecb876bc6f9bcd2627d3e646dd83bafd7094890462eebfce3ac31e4a+5
debiandebian/linux< linux 6.0.3-1 (bookworm)

Patches

Patch: git.kernel.orgPatch: git.kernel.orgPatch: git.kernel.org

🔴Vulnerability Details

2
GHSA
GHSA-wp8q-4m36-3vr3: In the Linux kernel, the following vulnerability has been resolved: fs: dlm: fix race in lowcomms This patch fixes a race between queue_work() in _d2025-09-17
OSV
CVE-2022-50373: In the Linux kernel, the following vulnerability has been resolved: fs: dlm: fix race in lowcomms This patch fixes a race between queue_work() in _dlm2025-09-17

📋Vendor Advisories

2
Red Hat
kernel: fs: dlm: fix race in lowcomms2025-09-17
Debian
CVE-2022-50373: linux - In the Linux kernel, the following vulnerability has been resolved: fs: dlm: fi...2022
CVE-2022-50373 — Race Condition in Linux | cvebase