Vulnerability CVE-2022-0480: Information

Description

A flaw was found in the filelock_init in fs/locks.c function in the Linux kernel. This issue can lead to host memory exhaustion due to memcg not limiting the number of Portable Operating System Interface (POSIX) file locks.

Severity: MEDIUM (5.5) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

URL: https://nvd.nist.gov/vuln/detail/CVE-2022-0480

Published: Aug. 29, 2022

Modified: March 3, 2023

Error type identifier: CWE-770

Fixed packages

Package name	Branch	Fixed in version	Version from repository	Errata ID	Task #	State
kernel-image-mp	sisyphus	5.15.4-alt1	6.8.12-alt1	ALT-PU-2021-3330-1	290389	Fixed
kernel-image-mp	p10	6.1.19-alt1	6.1.19-alt1	ALT-PU-2023-4894-3	327092	Fixed
kernel-image-mp	p11	5.15.4-alt1	6.8.8-alt1	ALT-PU-2021-3330-1	290389	Fixed
kernel-image-rpi-def	sisyphus	5.15.25-alt1	5.15.92-alt2	ALT-PU-2022-1419-1	296090	Fixed
kernel-image-rpi-def	p10	5.15.25-alt1	5.15.92-alt2	ALT-PU-2022-1421-1	296181	Fixed
kernel-image-rpi-def	p11	5.15.25-alt1	5.15.92-alt2	ALT-PU-2022-1419-1	296090	Fixed
kernel-image-rpi-un	sisyphus	5.15.6-alt1	6.6.23-alt1	ALT-PU-2021-3563-1	292137	Fixed
kernel-image-rpi-un	p10	5.15.6-alt1	6.1.77-alt1	ALT-PU-2021-3573-1	292365	Fixed
kernel-image-rpi-un	p11	5.15.6-alt1	6.6.23-alt1	ALT-PU-2021-3563-1	292137	Fixed
kernel-image-rt	sisyphus	6.1.28-alt1.rt10	6.1.92-alt1.rt32	ALT-PU-2023-1814-1	320645	Fixed
kernel-image-rt	p11	6.1.28-alt1.rt10	6.1.90-alt2.rt30	ALT-PU-2023-1814-1	320645	Fixed
kernel-image-std-def	sisyphus	5.15.22-alt1	6.1.92-alt1	ALT-PU-2022-1240-1	293878	Fixed
kernel-image-std-def	p11	5.15.22-alt1	6.1.91-alt1	ALT-PU-2022-1240-1	293878	Fixed
kernel-image-un-def	sisyphus	5.15.5-alt1	6.6.32-alt1	ALT-PU-2021-3358-1	289443	Fixed
kernel-image-un-def	sisyphus_riscv64	5.16.8-alt1.rv64	6.6.32-alt1.0.port	ALT-PU-2022-3985-1	-	Fixed
kernel-image-un-def	p10	5.15.11-alt2	6.1.90-alt1	ALT-PU-2021-3660-1	291610	Fixed
kernel-image-un-def	c10f1	5.15.11-alt2	6.1.85-alt0.c10f.1	ALT-PU-2021-3660-1	291610	Fixed
kernel-image-un-def	p11	5.15.5-alt1	6.6.31-alt1	ALT-PU-2021-3358-1	289443	Fixed

References to Advisories, Solutions, and Tools

Hyperlink	Resource
https://bugzilla.redhat.com/show_bug.cgi?id=2049700	Issue Tracking Third Party Advisory
https://github.com/kata-containers/kata-containers/issues/3373	Issue Tracking Third Party Advisory
https://access.redhat.com/security/cve/CVE-2022-0480	Third Party Advisory
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=0f12156dff2862ac54235fc72703f18770769042	Patch
https://ubuntu.com/security/CVE-2022-0480	Third Party Advisory
https://lore.kernel.org/linux-mm/20210902215519.AWcuVc3li%25akpm%40linux-foundation.org/	Vendor Advisory

Affected configurations:
1. Configuration 1
  cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
  End excliding
  5.15
  
  Configuration 2
  cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*

Version: v24.5.3

Vulnerability CVE-2022-0480: Information

Description

Fixed packages

References to Advisories, Solutions, and Tools

Configuration 1

Configuration 2