CVE-2022-49929 Affecting kernel-rt-kvm package, versions *


Severity

Recommended
0.0
medium
0
10

Based on CentOS security rating.

Do your applications use this vulnerable package?

In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.

Test your applications
  • Snyk IDSNYK-CENTOS7-KERNELRTKVM-9946278
  • published2 May 2025
  • disclosed1 May 2025

Introduced: 1 May 2025

NewCVE-2022-49929  (opens in a new tab)

How to fix?

There is no fixed version for Centos:7 kernel-rt-kvm.

NVD Description

Note: Versions mentioned in the description apply only to the upstream kernel-rt-kvm package and not the kernel-rt-kvm package as distributed by Centos. See How to fix? for Centos:7 relevant fixed versions and status.

In the Linux kernel, the following vulnerability has been resolved:

RDMA/rxe: Fix mr leak in RESPST_ERR_RNR

rxe_recheck_mr() will increase mr's ref_cnt, so we should call rxe_put(mr) to drop mr's ref_cnt in RESPST_ERR_RNR to avoid below warning:

WARNING: CPU: 0 PID: 4156 at drivers/infiniband/sw/rxe/rxe_pool.c:259 __rxe_cleanup+0x1df/0x240 [rdma_rxe] ... Call Trace: rxe_dereg_mr+0x4c/0x60 [rdma_rxe] ib_dereg_mr_user+0xa8/0x200 [ib_core] ib_mr_pool_destroy+0x77/0xb0 [ib_core] nvme_rdma_destroy_queue_ib+0x89/0x240 [nvme_rdma] nvme_rdma_free_queue+0x40/0x50 [nvme_rdma] nvme_rdma_teardown_io_queues.part.0+0xc3/0x120 [nvme_rdma] nvme_rdma_error_recovery_work+0x4d/0xf0 [nvme_rdma] process_one_work+0x582/0xa40 ? pwq_dec_nr_in_flight+0x100/0x100 ? rwlock_bug.part.0+0x60/0x60 worker_thread+0x2a9/0x700 ? process_one_work+0xa40/0xa40 kthread+0x168/0x1a0 ? kthread_complete_and_exit+0x20/0x20 ret_from_fork+0x22/0x30

CVSS Base Scores

version 3.1