CVE-2022-50676
Published: Dec 9, 2025
Modified: May 11, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: net: rds: don't hold sock lock when cancelling work from rds_tcp_reset_callbacks() syzbot is reporting lockdep warning at rds_tcp_reset_callbacks() [1], for commit ac3615e7f3cffe2a ("RDS: TCP: Reduce code duplication in rds_tcp_reset_callbacks()") added cancel_delayed_work_sync() into a section protected by lock_sock() without realizing that rds_send_xmit() might call lock_sock(). We don't need to protect cancel_delayed_work_sync() using lock_sock(), for even if rds_{send,recv}_worker() re-queued this work while __flush_work() from cancel_delayed_work_sync() was waiting for this work to complete, retried rds_{send,recv}_worker() is no-op due to the absence of RDS_CONN_UP bit.
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected ac3615e7f3cffe2a1a6b25172dfd09e138593d82 - < 5d2ba255e93211e541373469dffbda7c99dfa0e5affected ac3615e7f3cffe2a1a6b25172dfd09e138593d82 - < 2425007c0967a7c04b0dee7cce05ecf0ca869ad1affected ac3615e7f3cffe2a1a6b25172dfd09e138593d82 - < e3cb25d3ad08f5dbd53ce2b31720cad529944322affected ac3615e7f3cffe2a1a6b25172dfd09e138593d82 - < 360aa7219285fac63dab99706a16f2daf3222abeaffected ac3615e7f3cffe2a1a6b25172dfd09e138593d82 - < da349221c4d2d4ac5f606c1c3b36d4ef0b3e6a0c+4 more versions |
Linux | Linux | affected 4.8unaffected 0 - < 4.8unaffected 4.9.331 - <= 4.9.*unaffected 4.14.296 - <= 4.14.*unaffected 4.19.262 - <= 4.19.*+6 more versions |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now