CVE-2022-50705: Incorrect Synchronization in Linux

Severity: 5.5 MEDIUM (No vector)
EPSS: 0.0% (top 93.24%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline: Published Dec 24

Description

In the Linux kernel, the following vulnerability has been resolved:

io_uring/rw: defer fsnotify calls to task context

We can't call these off the kiocb completion as that might be off soft/hard irq context. Defer the calls to when we process the task_work for this request. That avoids valid complaints like:

stack backtrace:
CPU: 1 PID: 0 Comm: swapper/1 Not tainted 6.0.0-rc6-syzkaller-00321-g105a36f3694e #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/26/2

Affected Packages (4 packages)

Linux  linux/linux_kernel  5.16.0  6.0.3  +1
Debian  linux/linux_kernel  < 6.0.3-1  +2
CVEListV5  linux/linux  df1ec53252d5b5b26ea49e30438741c9a6d89857  89a410dbd0f159ddd308f19d6eb682fc753e4771  +5
debian  debian/linux  < linux 6.0.3-1 (bookworm)

🔴 Vulnerability Details (3)

GHSA: GHSA-r9f5-5g6p-cv83: In the Linux kernel, the following vulnerability has been resolved: io_uring/rw: defer fsnotify calls to task context We can't call these off the ki (2025-12-24)
OSV: io_uring/rw: defer fsnotify calls to task context (2025-12-24)
OSV: CVE-2022-50705: In the Linux kernel, the following vulnerability has been resolved: io_uring/rw: defer fsnotify calls to task context We can't call these off the kioc (2025-12-24)

📋 Vendor Advisories (2)

Red Hat: kernel: io_uring/rw: defer fsnotify calls to task context (2025-12-24)
Debian: CVE-2022-50705: linux - In the Linux kernel, the following vulnerability has been resolved: io_uring/rw... (2022)

🕵️ Threat Intelligence (1)

Wiz: CVE-2022-50705 Impact, Exploitability, and Mitigation Steps | Wiz