CVE-2022-49433

MEDIUM EPSS 15.9%
Published Feb 26, 20251y ago · Modified Jun 17, 20262w ago
5.5 CVSS 3.1
Medium
Find Similar
Published Feb 26, 2025 1y ago
Last Modified Jun 17, 2026 2w ago

Description

In the Linux kernel, the following vulnerability has been resolved: RDMA/hfi1: Prevent use of lock before it is initialized If there is a failure during probe of hfi1 before the sdma_map_lock is initialized, the call to hfi1_free_devdata() will attempt to use a lock that has not been initialized. If the locking correctness validator is on then an INFO message and stack trace resembling the following may be seen: INFO: trying to register non-static key. The code is fine but needs lockdep annotation, or maybe you didn't initialize this object before use? turning off the locking correctness validator. Call Trace: register_lock_class+0x11b/0x880 __lock_acquire+0xf3/0x7930 lock_acquire+0xff/0x2d0 _raw_spin_lock_irq+0x46/0x60 sdma_clean+0x42a/0x660 [hfi1] hfi1_free_devdata+0x3a7/0x420 [hfi1] init_one+0x867/0x11a0 [hfi1] pci_device_probe+0x40e/0x8d0 The use of sdma_map_lock in sdma_clean() is for freeing the sdma_map memory, and sdma_map is not allocated/initialized until after sdma_map_lock has been initialized. This code only needs to be run if sdma_map is not NULL, and so checking for that condition will avoid trying to use the lock before it is initialized.

CVSS Details

Base Score
5.5
Exploitability
1.8
Impact
3.6
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
15.9% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-908

Affected Products 6

VendorProductVersionRange
linuxlinux_kernel*≥4.3  –  <4.19.247
linuxlinux_kernel*≥4.20  –  <5.4.198
linuxlinux_kernel*≥5.5  –  <5.10.121
linuxlinux_kernel*≥5.11  –  <5.15.46
linuxlinux_kernel*≥5.16  –  <5.17.14
linuxlinux_kernel*≥5.18  –  <5.18.3

References 7

  • git.kernel.org https://git.kernel.org/stable/c/05c03dfd09c069c4ffd783b47b2da5dcc9421f2c
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/288d198f50434f29b4a26a9de4394ae2305ad8af
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/30eb275e7ed588270ae159cc590a96658e0cfd8f
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/66090815a24ce14cf51ef5453fc0218fe8a39bc2
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/addb192000d8819c0b1553453994df9bb54c28db
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/ca55150bff5817af4f857a746ecab9862c23e12a
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/fc0750e659db7b315bf6348902cc8ca3cdd4b8d8
    Patch

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/05c03dfd09c069c4ffd783b47b2da5dcc9421f2c
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/288d198f50434f29b4a26a9de4394ae2305ad8af
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/30eb275e7ed588270ae159cc590a96658e0cfd8f
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/66090815a24ce14cf51ef5453fc0218fe8a39bc2
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/addb192000d8819c0b1553453994df9bb54c28db
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/ca55150bff5817af4f857a746ecab9862c23e12a
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/fc0750e659db7b315bf6348902cc8ca3cdd4b8d8
    Patch