CVE-2022-49413 The advisory has been revoked - it doesn't affect any version of package kernel-rt-64k-debug-modules  (opens in a new tab)


Threat Intelligence

EPSS
0.28% (20th percentile)

Do your applications use this vulnerable package?

In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.

Test your applications
  • Snyk IDSNYK-CENTOS9-KERNELRT64KDEBUGMODULES-10310146
  • published6 Jun 2025
  • disclosed26 Feb 2025

Introduced: 26 Feb 2025

CVE-2022-49413  (opens in a new tab)

Amendment

The Centos security team deemed this advisory irrelevant for Centos:9.

NVD Description

Note: Versions mentioned in the description apply only to the upstream kernel-rt-64k-debug-modules package and not the kernel-rt-64k-debug-modules package as distributed by Centos.

In the Linux kernel, the following vulnerability has been resolved:

bfq: Update cgroup information before merging bio

When the process is migrated to a different cgroup (or in case of writeback just starts submitting bios associated with a different cgroup) bfq_merge_bio() can operate with stale cgroup information in bic. Thus the bio can be merged to a request from a different cgroup or it can result in merging of bfqqs for different cgroups or bfqqs of already dead cgroups and causing possible use-after-free issues. Fix the problem by updating cgroup information in bfq_merge_bio().