SB20250327136 - Improper locking in Linux kernel w1 driver
Published: March 27, 2025 Updated: May 11, 2025
Security Bulletin ID
SB20250327136
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Improper locking (CVE-ID: CVE-2022-49751)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the w1_process() function in drivers/w1/w1.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/190b5c3bbd5df685bb1063bda048831d72b8f1d4
- https://git.kernel.org/stable/c/216f35db6ec6a667cd9db4838d657c1d2f4684da
- https://git.kernel.org/stable/c/276052159ba94d4d9f5b453fb4707d6798c6b845
- https://git.kernel.org/stable/c/36225a7c72e9e3e1ce4001b6ce72849f5c9a2d3b
- https://git.kernel.org/stable/c/89c62cee5d4d65ac75d99b5f986f7f94290e888f
- https://git.kernel.org/stable/c/bccd6df4c177b1ad766f16565ccc298653d027d0
- https://git.kernel.org/stable/c/cfc7462ff824ed6718ed0272ee9aae88e20d469a
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.9