CVE-2022-50705 - 漏洞详情

CVE-2022-50705 (CNNVD-202512-4722)

UNKNOWN

中文标题:

Linux kernel 安全漏洞

英文标题:

io_uring/rw: defer fsnotify calls to task context

CVSS分数: N/A

发布时间: 2025-12-24 10:55:20

漏洞类型: 其他

状态: PUBLISHED

数据质量分数: 0.40

数据版本: v3

漏洞描述

中文描述:

Linux kernel是美国Linux基金会的开源操作系统Linux所使用的内核。 Linux kernel存在安全漏洞，该漏洞源于fsnotify调用上下文不当，可能导致死锁。

英文描述:

In the Linux kernel, the following vulnerability has been resolved: io_uring/rw: defer fsnotify calls to task context We can't call these off the kiocb completion as that might be off soft/hard irq context. Defer the calls to when we process the task_work for this request. That avoids valid complaints like: stack backtrace: CPU: 1 PID: 0 Comm: swapper/1 Not tainted 6.0.0-rc6-syzkaller-00321-g105a36f3694e #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/26/2022 Call Trace: <IRQ> __dump_stack lib/dump_stack.c:88 [inline] dump_stack_lvl+0xcd/0x134 lib/dump_stack.c:106 print_usage_bug kernel/locking/lockdep.c:3961 [inline] valid_state kernel/locking/lockdep.c:3973 [inline] mark_lock_irq kernel/locking/lockdep.c:4176 [inline] mark_lock.part.0.cold+0x18/0xd8 kernel/locking/lockdep.c:4632 mark_lock kernel/locking/lockdep.c:4596 [inline] mark_usage kernel/locking/lockdep.c:4527 [inline] __lock_acquire+0x11d9/0x56d0 kernel/locking/lockdep.c:5007 lock_acquire kernel/locking/lockdep.c:5666 [inline] lock_acquire+0x1ab/0x570 kernel/locking/lockdep.c:5631 __fs_reclaim_acquire mm/page_alloc.c:4674 [inline] fs_reclaim_acquire+0x115/0x160 mm/page_alloc.c:4688 might_alloc include/linux/sched/mm.h:271 [inline] slab_pre_alloc_hook mm/slab.h:700 [inline] slab_alloc mm/slab.c:3278 [inline] __kmem_cache_alloc_lru mm/slab.c:3471 [inline] kmem_cache_alloc+0x39/0x520 mm/slab.c:3491 fanotify_alloc_fid_event fs/notify/fanotify/fanotify.c:580 [inline] fanotify_alloc_event fs/notify/fanotify/fanotify.c:813 [inline] fanotify_handle_event+0x1130/0x3f40 fs/notify/fanotify/fanotify.c:948 send_to_group fs/notify/fsnotify.c:360 [inline] fsnotify+0xafb/0x1680 fs/notify/fsnotify.c:570 __fsnotify_parent+0x62f/0xa60 fs/notify/fsnotify.c:230 fsnotify_parent include/linux/fsnotify.h:77 [inline] fsnotify_file include/linux/fsnotify.h:99 [inline] fsnotify_access include/linux/fsnotify.h:309 [inline] __io_complete_rw_common+0x485/0x720 io_uring/rw.c:195 io_complete_rw+0x1a/0x1f0 io_uring/rw.c:228 iomap_dio_complete_work fs/iomap/direct-io.c:144 [inline] iomap_dio_bio_end_io+0x438/0x5e0 fs/iomap/direct-io.c:178 bio_endio+0x5f9/0x780 block/bio.c:1564 req_bio_endio block/blk-mq.c:695 [inline] blk_update_request+0x3fc/0x1300 block/blk-mq.c:825 scsi_end_request+0x7a/0x9a0 drivers/scsi/scsi_lib.c:541 scsi_io_completion+0x173/0x1f70 drivers/scsi/scsi_lib.c:971 scsi_complete+0x122/0x3b0 drivers/scsi/scsi_lib.c:1438 blk_complete_reqs+0xad/0xe0 block/blk-mq.c:1022 __do_softirq+0x1d3/0x9c6 kernel/softirq.c:571 invoke_softirq kernel/softirq.c:445 [inline] __irq_exit_rcu+0x123/0x180 kernel/softirq.c:650 irq_exit_rcu+0x5/0x20 kernel/softirq.c:662 common_interrupt+0xa9/0xc0 arch/x86/kernel/irq.c:240

CWE类型:

（暂无数据）

受影响产品

厂商	产品	版本	版本范围	平台	CPE
Linux	Linux	dfbe550c8235b7e98284db37eeeddfd3b4b19b00	-	-	`cpe:2.3:a:linux:linux:dfbe550c8235b7e98284db37eeeddfd3b4b19b00:::::::*`
Linux	Linux	b436d1e92662adecafff4c95baae6352289c2d80	-	-	`cpe:2.3:a:linux:linux:b436d1e92662adecafff4c95baae6352289c2d80:::::::*`
Linux	Linux	5.18	-	-	`cpe:2.3:a:linux:linux:5.18:::::::*`

解决方案

中文解决方案:

（暂无数据）

英文解决方案:

（暂无数据）

临时解决方案:

（暂无数据）

参考链接

无标题 OTHER
cve.org

访问

无标题 OTHER
cve.org

访问

无标题 OTHER
cve.org

访问

CVSS评分详情

暂无CVSS评分信息

时间信息

发布时间:

2025-12-24 10:55:20

修改时间:

2025-12-24 10:55:20

创建时间:

2026-01-12 02:08:36

更新时间:

2026-01-20 03:10:44

利用信息

暂无可利用代码信息

数据源详情

数据源	记录ID	版本	提取时间
CVE	`cve_CVE-2022-50705`	2025-12-25 02:03:31	2026-01-12 02:08:36
NVD	`nvd_CVE-2022-50705`	2025-12-30 04:12:18	2026-01-12 02:26:44
CNNVD	`cnnvd_CNNVD-202512-4722`	2026-01-11 06:15:05	2026-01-12 02:38:07

版本与语言

当前版本: v3

主要语言: EN

支持语言:

ZH EN

安全公告

暂无安全公告信息

变更历史

v3 CNNVD

2026-01-12 02:38:07

vulnerability_type: 未提取 → 其他; severity: SeverityLevel.MEDIUM → SeverityLevel.UNKNOWN; cvss_score: 未提取 → 0.0; cnnvd_id: 未提取 → CNNVD-202512-4722; data_sources: ['cve', 'nvd'] → ['cnnvd', 'cve', 'nvd']

查看详细变更

vulnerability_type: 未提取 -> 其他
severity: SeverityLevel.MEDIUM -> SeverityLevel.UNKNOWN
cvss_score: 未提取 -> 0.0
cnnvd_id: 未提取 -> CNNVD-202512-4722
data_sources: ['cve', 'nvd'] -> ['cnnvd', 'cve', 'nvd']

v2 NVD

2026-01-12 02:26:44

data_sources: ['cve'] → ['cve', 'nvd']

查看详细变更

data_sources: ['cve'] -> ['cve', 'nvd']

CVE-2022-50705 (CNNVD-202512-4722)

中文标题:

Linux kernel 安全漏洞

英文标题:

io_uring/rw: defer fsnotify calls to task context

漏洞描述

中文描述:

英文描述:

CWE类型:

标签:

受影响产品

解决方案

中文解决方案:

英文解决方案:

临时解决方案:

参考链接

CVSS评分详情

时间信息

利用信息

数据源详情

版本与语言

安全公告

变更历史