CVE-2022-49220

dax: make sure inodes are flushed before destroy cache

Description

In the Linux kernel, the following vulnerability has been resolved: dax: make sure inodes are flushed before destroy cache A bug can be triggered by following command $ modprobe nd_pmem && modprobe -r nd_pmem [ 10.060014] BUG dax_cache (Not tainted): Objects remaining in dax_cache on __kmem_cache_shutdown() [ 10.060938] Slab 0x0000000085b729ac objects=9 used=1 fp=0x000000004f5ae469 flags=0x200000000010200(slab|head|node) [ 10.062433] Call Trace: [ 10.062673] dump_stack_lvl+0x34/0x44 [ 10.062865] slab_err+0x90/0xd0 [ 10.063619] __kmem_cache_shutdown+0x13b/0x2f0 [ 10.063848] kmem_cache_destroy+0x4a/0x110 [ 10.064058] __x64_sys_delete_module+0x265/0x300 This is caused by dax_fs_exit() not flushing inodes before destroy cache. To fix this issue, call rcu_barrier() before destroy cache.

N/A
CVSS
Severity:
EPSS 0.05%
Affected: Linux Linux
Affected: Linux Linux
Published at:
Updated at:

References

Link Tags
https://git.kernel.org/stable/c/770d42fff12d8595adda9025a0b92091f543e775
https://git.kernel.org/stable/c/ec376f5c11c88c0215d173599db8449cd4196759
https://git.kernel.org/stable/c/e2951eaa9398415ac054b7bd80b8163b6838ead4
https://git.kernel.org/stable/c/f2a1e0eb70c2d954176c07d75d28742bde30e9f3
https://git.kernel.org/stable/c/b786abe7c67c6ef71410c8e23292b3091d616ad1
https://git.kernel.org/stable/c/a7e8de822e0b1979f08767c751f6c8a9c1d4ad86

Frequently Asked Questions

What is the severity of CVE-2022-49220?
CVE-2022-49220 has not yet been assigned a CVSS score.
How to fix CVE-2022-49220?
To fix CVE-2022-49220, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2022-49220 being actively exploited in the wild?
As for now, there are no information to confirm that CVE-2022-49220 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2022-49220?
CVE-2022-49220 affects Linux Linux, Linux Linux.
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.