{"id":"CVE-2022-50676","summary":"net: rds: don't hold sock lock when cancelling work from rds_tcp_reset_callbacks()","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nnet: rds: don't hold sock lock when cancelling work from rds_tcp_reset_callbacks()\n\nsyzbot is reporting lockdep warning at rds_tcp_reset_callbacks() [1], for\ncommit ac3615e7f3cffe2a (\"RDS: TCP: Reduce code duplication in\nrds_tcp_reset_callbacks()\") added cancel_delayed_work_sync() into a section\nprotected by lock_sock() without realizing that rds_send_xmit() might call\nlock_sock().\n\nWe don't need to protect cancel_delayed_work_sync() using lock_sock(), for\neven if rds_{send,recv}_worker() re-queued this work while __flush_work()\n from cancel_delayed_work_sync() was waiting for this work to complete,\nretried rds_{send,recv}_worker() is no-op due to the absence of RDS_CONN_UP\nbit.","modified":"2026-04-02T08:28:42.130764Z","published":"2025-12-09T01:29:29.166Z","related":["SUSE-SU-2026:0473-1"],"database_specific":{"cna_assigner":"Linux","osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/50xxx/CVE-2022-50676.json"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/2425007c0967a7c04b0dee7cce05ecf0ca869ad1"},{"type":"WEB","url":"https://git.kernel.org/stable/c/30bfa5aa7228eb1e67663d67e553627e572cc717"},{"type":"WEB","url":"https://git.kernel.org/stable/c/360aa7219285fac63dab99706a16f2daf3222abe"},{"type":"WEB","url":"https://git.kernel.org/stable/c/5d2ba255e93211e541373469dffbda7c99dfa0e5"},{"type":"WEB","url":"https://git.kernel.org/stable/c/a91b750fd6629354460282bbf5146c01b05c4859"},{"type":"WEB","url":"https://git.kernel.org/stable/c/afe7053c390fe8ff27d0c2ceaece5625283044ba"},{"type":"WEB","url":"https://git.kernel.org/stable/c/c380c28ab9b15fc53565909c814f6dd3e7f77c4b"},{"type":"WEB","url":"https://git.kernel.org/stable/c/da349221c4d2d4ac5f606c1c3b36d4ef0b3e6a0c"},{"type":"WEB","url":"https://git.kernel.org/stable/c/e3cb25d3ad08f5dbd53ce2b31720cad529944322"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/50xxx/CVE-2022-50676.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-50676"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"ac3615e7f3cffe2a1a6b25172dfd09e138593d82"},{"fixed":"5d2ba255e93211e541373469dffbda7c99dfa0e5"},{"fixed":"2425007c0967a7c04b0dee7cce05ecf0ca869ad1"},{"fixed":"e3cb25d3ad08f5dbd53ce2b31720cad529944322"},{"fixed":"360aa7219285fac63dab99706a16f2daf3222abe"},{"fixed":"da349221c4d2d4ac5f606c1c3b36d4ef0b3e6a0c"},{"fixed":"30bfa5aa7228eb1e67663d67e553627e572cc717"},{"fixed":"c380c28ab9b15fc53565909c814f6dd3e7f77c4b"},{"fixed":"afe7053c390fe8ff27d0c2ceaece5625283044ba"},{"fixed":"a91b750fd6629354460282bbf5146c01b05c4859"}]}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-50676.json"}},{"package":{"name":"Kernel","ecosystem":"Linux"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"4.8.0"},{"fixed":"4.9.331"}]},{"type":"ECOSYSTEM","events":[{"introduced":"4.10.0"},{"fixed":"4.14.296"}]},{"type":"ECOSYSTEM","events":[{"introduced":"4.15.0"},{"fixed":"4.19.262"}]},{"type":"ECOSYSTEM","events":[{"introduced":"4.20.0"},{"fixed":"5.4.220"}]},{"type":"ECOSYSTEM","events":[{"introduced":"5.5.0"},{"fixed":"5.10.150"}]},{"type":"ECOSYSTEM","events":[{"introduced":"5.11.0"},{"fixed":"5.15.75"}]},{"type":"ECOSYSTEM","events":[{"introduced":"5.16.0"},{"fixed":"5.19.17"}]},{"type":"ECOSYSTEM","events":[{"introduced":"5.20.0"},{"fixed":"6.0.3"}]}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-50676.json"}}],"schema_version":"1.7.5"}