Decompression Hang in Linux Kernel's EROFS with Potential Impact
CVE-2022-50193
What is CVE-2022-50193?
A vulnerability in the Linux kernel's EROFS filesystem can cause a decompression hang when the filesystem is mounted multiple times in quick succession. The cause is a race condition between two tasks: a task that is loading the decompression configuration can block another task that is trying to access decompressed data. The second task then enters a sleep state, and that process hangs until the resources are properly managed and released. The hang puts system stability and efficiency at risk, so kernel updates that carry the fix should be applied promptly.
Affected Version(s)
Linux 622ceaddb7649ca328832f50ba1400af778d75fa < 2478e36ec437a27f8a05bea9e4269a68c554e21f
Linux 622ceaddb7649ca328832f50ba1400af778d75fa < 96aa2a6a89618d850ef082e4268007e840c28769
Linux 622ceaddb7649ca328832f50ba1400af778d75fa < 2df7c4bd7c1d2bc5ece5e9ed19dbd386810c2a65