CVE-2022-49296: ceph: fix possible deadlock when holding Fwb to get inline_data
First published: Wed Feb 26 2025(Updated: )
In the Linux kernel, the following vulnerability has been resolved: ceph: fix possible deadlock when holding Fwb to get inline_data 1, mount with wsync. 2, create a file with O_RDWR, and the request was sent to mds.0: ceph_atomic_open()--> ceph_mdsc_do_request(openc) finish_open(file, dentry, ceph_open)--> ceph_open()--> ceph_init_file()--> ceph_init_file_info()--> ceph_uninline_data()--> { ... if (inline_version == 1 || /* initial version, no data */ inline_version == CEPH_INLINE_NONE) goto out_unlock; ... } The inline_version will be 1, which is the initial version for the new create file. And here the ci->i_inline_version will keep with 1, it's buggy. 3, buffer write to the file immediately: ceph_write_iter()--> ceph_get_caps(file, need=Fw, want=Fb, ...); generic_perform_write()--> a_ops->write_begin()--> ceph_write_begin()--> netfs_write_begin()--> netfs_begin_read()--> netfs_rreq_submit_slice()--> netfs_read_from_server()--> rreq->netfs_ops->issue_read()--> ceph_netfs_issue_read()--> { ... if (ci->i_inline_version != CEPH_INLINE_NONE && ceph_netfs_issue_op_inline(subreq)) return; ... } ceph_put_cap_refs(ci, Fwb); The ceph_netfs_issue_op_inline() will send a getattr(Fsr) request to mds.1. 4, then the mds.1 will request the rd lock for CInode::filelock from the auth mds.0, the mds.0 will do the CInode::filelock state transation from excl --> sync, but it need to revoke the Fxwb caps back from the clients. While the kernel client has aleady held the Fwb caps and waiting for the getattr(Fsr). It's deadlock! URL: https://tracker.ceph.com/issues/55377
Credit: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Linux Kernel | ||
| Ceph | ||
| Linux Kernel | >=2.6.34<5.18.4 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2022-49296?
CVE-2022-49296 has been designated as an important severity vulnerability due to the potential for deadlock scenarios.
How do I fix CVE-2022-49296?
To fix CVE-2022-49296, ensure that your Linux kernel is updated to the latest version that includes the patch for this vulnerability.
Which versions of the Linux kernel are affected by CVE-2022-49296?
CVE-2022-49296 affects specific versions of the Linux kernel that utilize the Ceph filesystem, particularly those with wsync settings enabled.
What is the impact of CVE-2022-49296 on Ceph file systems?
The impact of CVE-2022-49296 on Ceph file systems includes potential deadlocks when creating or accessing files, which can disrupt normal operations.
Is CVE-2022-49296 exploited in the wild?
As of the current information available, there are no confirmed exploits of CVE-2022-49296 in the wild.
- agent/first-publish-date
- agent/type
- agent/title
- agent/references
- agent/author
- agent/source
- agent/description
- agent/guess-ai
- agent/software-canonical-lookup
- collector/mitre-cve
- source/MITRE
- collector/nvd-api
- source/NVD
- agent/weakness
- agent/severity
- agent/last-modified-date
- agent/remedy
- agent/softwarecombine
- agent/event
- agent/tags
- vendor/linux
- canonical/linux kernel
- vendor/ceph
- canonical/ceph
- version/linux kernel/2.6.34