retired/CVE-2022-28796


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16

Description: jbd2: fix use-after-free of transaction_t race
References:
Notes:
 carnil> Commit fixes 4f9818684870 ("jbd2: refactor wait logic for
 carnil> transaction updates into a common function") in 5.17-rc3.
 carnil> Issue fixed as well in 5.17.1 for 5.17.y and so newer in
 carnil> unstable affected.
Bugs:
upstream: released (5.18-rc1) [cc16eecae687912238ee6efbff71ad31e2bc414e]
5.10-upstream-stable: N/A "Vulnerable code not present"
4.19-upstream-stable: N/A "Vulnerable code not present"
4.9-upstream-stable: N/A "Vulnerable code not present"
sid: N/A "Vulnerable code not present"
5.10-bullseye-security: N/A "Vulnerable code not present"
4.19-buster-security: N/A "Vulnerable code not present"
4.9-stretch-security: N/A "Vulnerable code not present"