{ "threat_severity" : "Low", "public_date" : "2025-10-04T00:00:00Z", "bugzilla" : { "description" : "kernel: IB/mad: Don't call to function that might sleep while in atomic context", "id" : "2401455", "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2401455" }, "cvss3" : { "cvss3_base_score" : "4.7", "cvss3_scoring_vector" : "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", "status" : "verified" }, "cwe" : "CWE-474", "details" : [ "In the Linux kernel, the following vulnerability has been resolved:\nIB/mad: Don't call to function that might sleep while in atomic context\nTracepoints are not allowed to sleep, as such the following splat is\ngenerated due to call to ib_query_pkey() in atomic context.\nWARNING: CPU: 0 PID: 1888000 at kernel/trace/ring_buffer.c:2492 rb_commit+0xc1/0x220\nCPU: 0 PID: 1888000 Comm: kworker/u9:0 Kdump: loaded Tainted: G OE --------- - - 4.18.0-305.3.1.el8.x86_64 #1\nHardware name: Red Hat KVM, BIOS 1.13.0-2.module_el8.3.0+555+a55c8938 04/01/2014\nWorkqueue: ib-comp-unb-wq ib_cq_poll_work [ib_core]\nRIP: 0010:rb_commit+0xc1/0x220\nRSP: 0000:ffffa8ac80f9bca0 EFLAGS: 00010202\nRAX: ffff8951c7c01300 RBX: ffff8951c7c14a00 RCX: 0000000000000246\nRDX: ffff8951c707c000 RSI: ffff8951c707c57c RDI: ffff8951c7c14a00\nRBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000\nR10: ffff8951c7c01300 R11: 0000000000000001 R12: 0000000000000246\nR13: 0000000000000000 R14: ffffffff964c70c0 R15: 0000000000000000\nFS: 0000000000000000(0000) GS:ffff8951fbc00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007f20e8f39010 CR3: 000000002ca10005 CR4: 0000000000170ef0\nCall Trace:\nring_buffer_unlock_commit+0x1d/0xa0\ntrace_buffer_unlock_commit_regs+0x3b/0x1b0\ntrace_event_buffer_commit+0x67/0x1d0\ntrace_event_raw_event_ib_mad_recv_done_handler+0x11c/0x160 [ib_core]\nib_mad_recv_done+0x48b/0xc10 [ib_core]\n? trace_event_raw_event_cq_poll+0x6f/0xb0 [ib_core]\n__ib_process_cq+0x91/0x1c0 [ib_core]\nib_cq_poll_work+0x26/0x80 [ib_core]\nprocess_one_work+0x1a7/0x360\n? create_worker+0x1a0/0x1a0\nworker_thread+0x30/0x390\n? create_worker+0x1a0/0x1a0\nkthread+0x116/0x130\n? kthread_flush_work_fn+0x10/0x10\nret_from_fork+0x35/0x40\n---[ end trace 78ba8509d3830a16 ]---" ], "affected_release" : [ { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2023-11-14T00:00:00Z", "advisory" : "RHSA-2023:7077", "cpe" : "cpe:/o:redhat:enterprise_linux:8", "package" : "kernel-0:4.18.0-513.5.1.el8_9" }, { "product_name" : "Red Hat Enterprise Linux 9", "release_date" : "2023-11-07T00:00:00Z", "advisory" : "RHSA-2023:6583", "cpe" : "cpe:/a:redhat:enterprise_linux:9", "package" : "kernel-0:5.14.0-362.8.1.el9_3" }, { "product_name" : "Red Hat Enterprise Linux 9", "release_date" : "2023-11-07T00:00:00Z", "advisory" : "RHSA-2023:6583", "cpe" : "cpe:/o:redhat:enterprise_linux:9", "package" : "kernel-0:5.14.0-362.8.1.el9_3" } ], "package_state" : [ { "product_name" : "Red Hat Enterprise Linux 10", "fix_state" : "Not affected", "package_name" : "kernel", "cpe" : "cpe:/o:redhat:enterprise_linux:10" }, { "product_name" : "Red Hat Enterprise Linux 6", "fix_state" : "Under investigation", "package_name" : "kernel", "cpe" : "cpe:/o:redhat:enterprise_linux:6" }, { "product_name" : "Red Hat Enterprise Linux 7", "fix_state" : "Not affected", "package_name" : "kernel", "cpe" : "cpe:/o:redhat:enterprise_linux:7" }, { "product_name" : "Red Hat Enterprise Linux 7", "fix_state" : "Not affected", "package_name" : "kernel-rt", "cpe" : "cpe:/o:redhat:enterprise_linux:7" }, { "product_name" : "Red Hat Enterprise Linux 8", "fix_state" : "Fix deferred", "package_name" : "kernel-rt", "cpe" : "cpe:/o:redhat:enterprise_linux:8" }, { "product_name" : "Red Hat Enterprise Linux 9", "fix_state" : "Fix deferred", "package_name" : "kernel-rt", "cpe" : "cpe:/o:redhat:enterprise_linux:9" } ], "references" : [ "https://www.cve.org/CVERecord?id=CVE-2022-50472\nhttps://nvd.nist.gov/vuln/detail/CVE-2022-50472\nhttps://lore.kernel.org/linux-cve-announce/2025100437-CVE-2022-50472-5d91@gregkh/T" ], "name" : "CVE-2022-50472", "csaw" : false }