VULNERABILITY

Amazon Linux AMI: CVE-2022-49465: Security patch for kernel (ALAS-2025-1977)

Try Surface Command Get a continuous 360° view of your attack surface
Back to Search

Amazon Linux AMI: CVE-2022-49465: Security patch for kernel (ALAS-2025-1977)

Severity
7
CVSS
(AV:L/AC:L/Au:S/C:C/I:C/A:C)
Published
02/26/2025
Created
05/15/2025
Added
05/13/2025
Modified
05/21/2025

Description

In the Linux kernel, the following vulnerability has been resolved:

blk-throttle: Set BIO_THROTTLED when bio has been throttled

1.In current process, all bio will set the BIO_THROTTLED flag

after __blk_throtl_bio().

2.If bio needs to be throttled, it will start the timer and

stop submit bio directly. Bio will submit in

blk_throtl_dispatch_work_fn() when the timer expires.But in

the current process, if bio is throttled. The BIO_THROTTLED

will be set to bio after timer start. If the bio has been

completed, it may cause use-after-free blow.

BUG: KASAN: use-after-free in blk_throtl_bio+0x12f0/0x2c70

Read of size 2 at addr ffff88801b8902d4 by task fio/26380

dump_stack+0x9b/0xce

print_address_description.constprop.6+0x3e/0x60

kasan_report.cold.9+0x22/0x3a

blk_throtl_bio+0x12f0/0x2c70

submit_bio_checks+0x701/0x1550

submit_bio_noacct+0x83/0xc80

submit_bio+0xa7/0x330

mpage_readahead+0x380/0x500

read_pages+0x1c1/0xbf0

page_cache_ra_unbounded+0x471/0x6f0

do_page_cache_ra+0xda/0x110

ondemand_readahead+0x442/0xae0

page_cache_async_ra+0x210/0x300

generic_file_buffered_read+0x4d9/0x2130

generic_file_read_iter+0x315/0x490

blkdev_read_iter+0x113/0x1b0

aio_read+0x2ad/0x450

io_submit_one+0xc8e/0x1d60

__se_sys_io_submit+0x125/0x350

do_syscall_64+0x2d/0x40

entry_SYSCALL_64_after_hwframe+0x44/0xa9

Allocated by task 26380:

kasan_save_stack+0x19/0x40

__kasan_kmalloc.constprop.2+0xc1/0xd0

kmem_cache_alloc+0x146/0x440

mempool_alloc+0x125/0x2f0

bio_alloc_bioset+0x353/0x590

mpage_alloc+0x3b/0x240

do_mpage_readpage+0xddf/0x1ef0

mpage_readahead+0x264/0x500

read_pages+0x1c1/0xbf0

page_cache_ra_unbounded+0x471/0x6f0

do_page_cache_ra+0xda/0x110

ondemand_readahead+0x442/0xae0

page_cache_async_ra+0x210/0x300

generic_file_buffered_read+0x4d9/0x2130

generic_file_read_iter+0x315/0x490

blkdev_read_iter+0x113/0x1b0

aio_read+0x2ad/0x450

io_submit_one+0xc8e/0x1d60

__se_sys_io_submit+0x125/0x350

do_syscall_64+0x2d/0x40

entry_SYSCALL_64_after_hwframe+0x44/0xa9

Freed by task 0:

kasan_save_stack+0x19/0x40

kasan_set_track+0x1c/0x30

kasan_set_free_info+0x1b/0x30

__kasan_slab_free+0x111/0x160

kmem_cache_free+0x94/0x460

mempool_free+0xd6/0x320

bio_free+0xe0/0x130

bio_put+0xab/0xe0

bio_endio+0x3a6/0x5d0

blk_update_request+0x590/0x1370

scsi_end_request+0x7d/0x400

scsi_io_completion+0x1aa/0xe50

scsi_softirq_done+0x11b/0x240

blk_mq_complete_request+0xd4/0x120

scsi_mq_done+0xf0/0x200

virtscsi_vq_done+0xbc/0x150

vring_interrupt+0x179/0x390

__handle_irq_event_percpu+0xf7/0x490

handle_irq_event_percpu+0x7b/0x160

handle_irq_event+0xcc/0x170

handle_edge_irq+0x215/0xb20

common_interrupt+0x60/0x120

asm_common_interrupt+0x1e/0x40

Fix this by move BIO_THROTTLED set into the queue_lock.

Solution(s)

  • amazon-linux-upgrade-kernel

References

  • ALAS-2025-1977
  • CVE-2022-49465

insightVM

Advanced vulnerability management analytics and reporting.
Key Features
  • Lightweight Endpoint Agent
  • Live Dashboards
  • Real Risk Prioritization
  • IT-Integrated Remediation Projects
  • Cloud, Virtual, and Container Assessment
  • Integrated Threat Feeds
  • Easy-to-Use RESTful API
  • Automation-Assisted Patching
  • Automated Containment
Free InsightVM Trial View All Features

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;