SB2025062080 - Improper locking in Linux kernel powerpc kernel
Published: June 20, 2025 Updated: June 21, 2025
Security Bulletin ID
SB2025062080
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Improper locking (CVE-ID: CVE-2022-50045)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the set_pci_dma_ops(), get_phb_number() and pcibios_alloc_controller() functions in arch/powerpc/kernel/pci-common.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/1d9e75c3d8cdf7c96a94cb77450d4ee070279e6a
- https://git.kernel.org/stable/c/5db5ce0f1963c6c8275719a80cb65e9c98d32726
- https://git.kernel.org/stable/c/6f75057c21eab12c6ccb7f06f859641a6edfab99
- https://git.kernel.org/stable/c/8d48562a2729742f767b0fdd994d6b2a56a49c63
- https://git.kernel.org/stable/c/90f195c01a2e8d8da6281791617e21109719c981
- https://git.kernel.org/stable/c/a868f771ee41c97a25a04b8c632a7f06689b307b
- https://git.kernel.org/stable/c/ccb0a42d3f40c436295e0fef57ab613ae5b925a4
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.211