retired/CVE-2022-2959


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16

Description: pipe: Fix missing lock in pipe_resize_ring()
References:
 https://www.zerodayinitiative.com/advisories/ZDI-CAN-17291/
Notes:
 carnil> Commit fixes c73be61cede5 ("pipe: Add general notification
 carnil> queue support") in 5.8-rc1.
 carnil> Fixed for 5.17.y in 5.17.13 and for 5.18.y in 5.18.2.
Bugs:
upstream: released (5.19-rc1) [189b0ddc245139af81198d1a3637cac74f96e13a]
5.10-upstream-stable: released (5.10.120) [8fbd54ab06c955d247c1a91d5d980cddc868f1e7]
4.19-upstream-stable: N/A "Vulnerable code introduced later"
4.9-upstream-stable: N/A "Vulnerable code introduced later"
sid: released (5.18.2-1)
5.10-bullseye-security: released (5.10.120-1)
4.19-buster-security: N/A "Vulnerable code introduced later"
4.9-stretch-security: N/A "Vulnerable code introduced later"