Double Queue Request Issue in Linux Kernel Affecting Various Drivers
CVE-2022-50554
What is CVE-2022-50554?
A vulnerability has been identified in the Linux kernel related to block I/O processing. This issue occurs in scenarios with virtual machines, where long VM exit latencies or preempt latencies of vCPU threads can lead to a premature timeout of block I/O requests. The problematic behavior arises during the request queueing phase, potentially causing double queue requests and resulting in a kernel panic. The onus is typically on drivers to manage the race conditions between timeouts and completions. However, given the widespread nature of this problem, many drivers could be affected, making it challenging to implement a fix. A proposed patch aims to prevent this issue by ensuring that ongoing requests are appropriately drained before a new queued request is initiated.
Affected Version(s)
Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 7a73c54a3750895888ab586896736c9434e062a1
Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 8b3d6b029a552d2978bbac275303d11419826a69
Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 82c229476b8f6afd7e09bc4dc77d89dc19ff7688