CVE-2022-49259

block: don't delete queue kobject before its children

Description

In the Linux kernel, the following vulnerability has been resolved: block: don't delete queue kobject before its children kobjects aren't supposed to be deleted before their child kobjects are deleted. Apparently this is usually benign; however, a WARN will be triggered if one of the child kobjects has a named attribute group: sysfs group 'modes' not found for kobject 'crypto' WARNING: CPU: 0 PID: 1 at fs/sysfs/group.c:278 sysfs_remove_group+0x72/0x80 ... Call Trace: sysfs_remove_groups+0x29/0x40 fs/sysfs/group.c:312 __kobject_del+0x20/0x80 lib/kobject.c:611 kobject_cleanup+0xa4/0x140 lib/kobject.c:696 kobject_release lib/kobject.c:736 [inline] kref_put include/linux/kref.h:65 [inline] kobject_put+0x53/0x70 lib/kobject.c:753 blk_crypto_sysfs_unregister+0x10/0x20 block/blk-crypto-sysfs.c:159 blk_unregister_queue+0xb0/0x110 block/blk-sysfs.c:962 del_gendisk+0x117/0x250 block/genhd.c:610 Fix this by moving the kobject_del() and the corresponding kobject_uevent() to the correct place.

N/A
CVSS
Severity:
EPSS 0.05%
Affected: Linux Linux
Affected: Linux Linux
Published at:
Updated at:

References

Link Tags
https://git.kernel.org/stable/c/b2001eb10f59363da930cdd6e086a2861986fa18
https://git.kernel.org/stable/c/84fe3ca6e7910beb47ec13509d484f84fa2a41ad
https://git.kernel.org/stable/c/0b5924a14d64487ebd51127b0358d06066ef5384
https://git.kernel.org/stable/c/efaa0e969261e97c1fdd8e0338e5dd3ba5b9219c
https://git.kernel.org/stable/c/cf0cb8686e55d9c022944bc6ba9e19e832889e83
https://git.kernel.org/stable/c/3d7e32c8da45957326f56937e0471c686d1a7711
https://git.kernel.org/stable/c/0f69288253e9fc7c495047720e523b9f1aba5712

Frequently Asked Questions

What is the severity of CVE-2022-49259?
CVE-2022-49259 has not yet been assigned a CVSS score.
How to fix CVE-2022-49259?
To fix CVE-2022-49259, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2022-49259 being actively exploited in the wild?
As for now, there are no information to confirm that CVE-2022-49259 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2022-49259?
CVE-2022-49259 affects Linux Linux, Linux Linux.
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.