ipv6: fix lockdep splat in in6_dump_addrs() 漏洞信息(CVE-2022-49662)

一、漏洞 CVE-2022-49662 基础信息

AIGC 神龙大模型
美国国家漏洞数据库 NVD

漏洞标题

IPv6:修复in6_dump_addrs()中的锁依赖错误

来源：AIGC 神龙大模型

漏洞描述信息

N/A

来源：AIGC 神龙大模型

CVSS信息

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

来源：AIGC 神龙大模型

漏洞类别

空指针解引用

来源：AIGC 神龙大模型

漏洞标题

ipv6: fix lockdep splat in in6_dump_addrs()

来源：美国国家漏洞数据库 NVD

漏洞描述信息

In the Linux kernel, the following vulnerability has been resolved: ipv6: fix lockdep splat in in6_dump_addrs() As reported by syzbot, we should not use rcu_dereference() when rcu_read_lock() is not held. WARNING: suspicious RCU usage 5.19.0-rc2-syzkaller #0 Not tainted net/ipv6/addrconf.c:5175 suspicious rcu_dereference_check() usage! other info that might help us debug this: rcu_scheduler_active = 2, debug_locks = 1 1 lock held by syz-executor326/3617: #0: ffffffff8d5848e8 (rtnl_mutex){+.+.}-{3:3}, at: netlink_dump+0xae/0xc20 net/netlink/af_netlink.c:2223 stack backtrace: CPU: 0 PID: 3617 Comm: syz-executor326 Not tainted 5.19.0-rc2-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: <TASK> __dump_stack lib/dump_stack.c:88 [inline] dump_stack_lvl+0xcd/0x134 lib/dump_stack.c:106 in6_dump_addrs+0x12d1/0x1790 net/ipv6/addrconf.c:5175 inet6_dump_addr+0x9c1/0xb50 net/ipv6/addrconf.c:5300 netlink_dump+0x541/0xc20 net/netlink/af_netlink.c:2275 __netlink_dump_start+0x647/0x900 net/netlink/af_netlink.c:2380 netlink_dump_start include/linux/netlink.h:245 [inline] rtnetlink_rcv_msg+0x73e/0xc90 net/core/rtnetlink.c:6046 netlink_rcv_skb+0x153/0x420 net/netlink/af_netlink.c:2501 netlink_unicast_kernel net/netlink/af_netlink.c:1319 [inline] netlink_unicast+0x543/0x7f0 net/netlink/af_netlink.c:1345 netlink_sendmsg+0x917/0xe10 net/netlink/af_netlink.c:1921 sock_sendmsg_nosec net/socket.c:714 [inline] sock_sendmsg+0xcf/0x120 net/socket.c:734 ____sys_sendmsg+0x6eb/0x810 net/socket.c:2492 ___sys_sendmsg+0xf3/0x170 net/socket.c:2546 __sys_sendmsg net/socket.c:2575 [inline] __do_sys_sendmsg net/socket.c:2584 [inline] __se_sys_sendmsg net/socket.c:2582 [inline] __x64_sys_sendmsg+0x132/0x220 net/socket.c:2582 do_syscall_x64 arch/x86/entry/common.c:50 [inline] do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80 entry_SYSCALL_64_after_hwframe+0x46/0xb0

来源：美国国家漏洞数据库 NVD

CVSS信息

N/A

来源：美国国家漏洞数据库 NVD

漏洞类别

N/A

来源：美国国家漏洞数据库 NVD

二、漏洞 CVE-2022-49662 的公开POC

#	POC 描述	源链接	神龙链接

三、漏洞 CVE-2022-49662 的情报信息

标题： ipv6: fix lockdep splat in in6_dump_addrs() - kernel/git/stable/linux.git - Linux kernel stable tree -- 🔗来源链接

标签：
标题： ipv6: fix lockdep splat in in6_dump_addrs() - kernel/git/stable/linux.git - Linux kernel stable tree -- 🔗来源链接

标签：
标题： ipv6: fix lockdep splat in in6_dump_addrs() - kernel/git/stable/linux.git - Linux kernel stable tree -- 🔗来源链接

标签：
https://nvd.nist.gov/vuln/detail/CVE-2022-49662

一、 漏洞 CVE-2022-49662 基础信息

漏洞标题

漏洞描述信息

CVSS信息

漏洞类别

漏洞标题

漏洞描述信息

CVSS信息

漏洞类别

二、漏洞 CVE-2022-49662 的公开POC

三、漏洞 CVE-2022-49662 的情报信息

一、漏洞 CVE-2022-49662 基础信息