Overview
- Description
- In the Linux kernel, the following vulnerability has been resolved: sched: Fix yet more sched_fork() races Where commit 4ef0c5c6b5ba ("kernel/sched: Fix sched_fork() access an invalid sched_task_group") fixed a fork race vs cgroup, it opened up a race vs syscalls by not placing the task on the runqueue before it gets exposed through the pidhash. Commit 13765de8148f ("sched/fair: Fix fault in reweight_entity") is trying to fix a single instance of this, instead fix the whole class of issues, effectively reverting this commit.
- Source
- 416baaa9-dc9f-4396-8d5f-8c081fb06d67
- NVD status
- Analyzed
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 5.5
- Impact score
- 3.6
- Exploitability score
- 1.8
- Vector string
- CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
- Severity
- MEDIUM
Weaknesses
- nvd@nist.gov
- NVD-CWE-noinfo
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "61C603D7-C7CD-4505-AF1B-EBFDD4D152AF",
"versionEndExcluding": "5.15.27",
"versionStartIncluding": "5.15.3"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B871B667-EDC0-435D-909E-E918D8D90995",
"versionEndExcluding": "5.16.13",
"versionStartIncluding": "5.16"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:5.10.80:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "75930186-8AC7-4632-8B1F-1EE8F2B29A25"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:5.14.19:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "482F2B24-1A1B-4F6F-B2B0-4C8783AD0811"
}
],
"operator": "OR"
}
]
}
]