CVE-2022-49768

9p: trans_fd/p9_conn_cancel: drop client lock earlier

Description

In the Linux kernel, the following vulnerability has been resolved: 9p: trans_fd/p9_conn_cancel: drop client lock earlier syzbot reported a double-lock here and we no longer need this lock after requests have been moved off to local list: just drop the lock earlier.

N/A
CVSS
Severity:
EPSS 0.03%
Affected: Linux Linux
Affected: Linux Linux
Published at:
Updated at:

References

Link Tags
https://git.kernel.org/stable/c/82825dbf393f7c7979d462f9609a15bde8092b3f
https://git.kernel.org/stable/c/e3031280fe4eaf61a09e60823331f81f321be8e1
https://git.kernel.org/stable/c/fec1406f5e7ab20b71f6d231792b0040e3300aaf
https://git.kernel.org/stable/c/96760723aae1b45f733f702abb4333137143909f
https://git.kernel.org/stable/c/f14858bc77c567e089965962877ee726ffad0556
https://git.kernel.org/stable/c/a4f1a01b2e81378fce9ca528d4d8a049e4b58fcd
https://git.kernel.org/stable/c/612c977f5d481f551d03d83d0aef588845c1300c
https://git.kernel.org/stable/c/52f1c45dde9136f964d63a77d19826c8a74e2c7f

Frequently Asked Questions

What is the severity of CVE-2022-49768?
CVE-2022-49768 has not yet been assigned a CVSS score.
How to fix CVE-2022-49768?
To fix CVE-2022-49768, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2022-49768 being actively exploited in the wild?
As for now, there are no information to confirm that CVE-2022-49768 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2022-49768?
CVE-2022-49768 affects Linux Linux, Linux Linux.
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.