{"id":"CVE-2022-48671","summary":"cgroup: Add missing cpus_read_lock() to cgroup_attach_task_all()","details":"In the Linux kernel, the following vulnerability has been resolved:\n\ncgroup: Add missing cpus_read_lock() to cgroup_attach_task_all()\n\nsyzbot is hitting percpu_rwsem_assert_held(&cpu_hotplug_lock) warning at\ncpuset_attach() [1], for commit 4f7e7236435ca0ab (\"cgroup: Fix\nthreadgroup_rwsem \u003c-\u003e cpus_read_lock() deadlock\") missed that\ncpuset_attach() is also called from cgroup_attach_task_all().\nAdd cpus_read_lock() like what cgroup_procs_write_start() does.","modified":"2026-04-02T08:26:50.137505Z","published":"2024-05-03T14:50:23.558Z","related":["SUSE-SU-2024:1644-1","SUSE-SU-2024:1659-1","SUSE-SU-2024:1663-1","SUSE-SU-2024:2011-1","SUSE-SU-2024:2189-1","SUSE-SU-2025:0231-1"],"database_specific":{"cna_assigner":"Linux","osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/48xxx/CVE-2022-48671.json"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/07191f984842d50020789ff14c75da436a7f46a9"},{"type":"WEB","url":"https://git.kernel.org/stable/c/321488cfac7d0eb6d97de467015ff754f85813ff"},{"type":"WEB","url":"https://git.kernel.org/stable/c/43626dade36fa74d3329046f4ae2d7fdefe401c6"},{"type":"WEB","url":"https://git.kernel.org/stable/c/5db17805b6ba4c34dab303f49aea3562fc25af75"},{"type":"WEB","url":"https://git.kernel.org/stable/c/99bc25748e394d17f9e8b10cc7f273b8e64c1c7e"},{"type":"WEB","url":"https://git.kernel.org/stable/c/9f267393b036f1470fb12fb892d59e7ff8aeb58d"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/48xxx/CVE-2022-48671.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-48671"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"e446300968c6bd25d9cd6c33b9600780a39b3975"},{"fixed":"321488cfac7d0eb6d97de467015ff754f85813ff"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"59c6902a96b4439e07c25ef86a4593bea5481c3b"},{"fixed":"07191f984842d50020789ff14c75da436a7f46a9"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"dee1e2b18cf5426eed985512ccc6636ec69dbdd6"},{"fixed":"9f267393b036f1470fb12fb892d59e7ff8aeb58d"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"3bf4bf54069f9b62a54988e5d085023c17a66c90"},{"fixed":"5db17805b6ba4c34dab303f49aea3562fc25af75"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"c0deb027c99c099aa6b831e326bfba802b25e774"},{"fixed":"99bc25748e394d17f9e8b10cc7f273b8e64c1c7e"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"4f7e7236435ca0abe005c674ebd6892c6e83aeb3"},{"fixed":"43626dade36fa74d3329046f4ae2d7fdefe401c6"}]}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-48671.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}]}