What is GHSA-9wm5-v97c-mv82?

GHSA-9wm5-v97c-mv82 is a security advisory published by GitHub Security Advisories with Medium severity. In the Linux kernel, the following vulnerability has been resolved: SUNRPC: lock against -\u003esock...

Which CVE IDs does GHSA-9wm5-v97c-mv82 cover?

GHSA-9wm5-v97c-mv82 covers the following CVE IDs: CVE-2022-48816. Each CVE has its own detail page on EchelonGraph Pulse with the synthesized EG score.

What is the CVSS v3 score of GHSA-9wm5-v97c-mv82?

GHSA-9wm5-v97c-mv82 has a CVSS v3 base score of 4.7, published by GitHub Security Advisories.

GHSA-9wm5-v97c-mv82MediumCVSS 4.7

In the Linux kernel, the following vulnerability has been resolved: SUNRPC: lock against ->sock...

Vendor

GitHub Security Advisories

Published

July 16, 2024

Last Modified

June 1, 2026

🔗 CVE IDs covered (1)

CVE-2022-48816 →

📋 Description

In the Linux kernel, the following vulnerability has been resolved:

SUNRPC: lock against ->sock changing during sysfs read

->sock can be set to NULL asynchronously unless ->recv_mutex is held. So it is important to hold that mutex. Otherwise a sysfs read can trigger an oops. Commit 17f09d3f619a ("SUNRPC: Check if the xprt is connected before handling sysfs reads") appears to attempt to fix this problem, but it only narrows the race window.

🔗 References (5)

https://nvd.nist.gov/vuln/detail/CVE-2022-48816
https://git.kernel.org/stable/c/9482ab4540f5bcc869b44c067ae99b5fca16bd07
https://git.kernel.org/stable/c/b49ea673e119f59c71645e2f65b3ccad857c90ee
https://git.kernel.org/stable/c/fdc42287ae3f8a35cc2098307f52d7864b4bc8ed
https://github.com/advisories/GHSA-9wm5-v97c-mv82