Login Sign Up

CVE-2022-48734

5.5 MEDIUM
Denial of Service

📋 TL;DR

This CVE describes a deadlock vulnerability in the Linux kernel's Btrfs filesystem where the quota disable operation can create a circular dependency with the qgroup rescan worker and other transaction-based tasks. This causes system hangs and denial of service for systems using Btrfs with quota features. Affected systems are Linux servers and devices running vulnerable kernel versions with Btrfs filesystems.

💻 Affected Systems

Products:
  • Linux kernel
Versions: Kernel versions before the fix commits (specific versions vary by distribution, generally kernels before 5.16 with backports)
Operating Systems: Linux distributions using Btrfs filesystem
Default Config Vulnerable: ✅ No
Notes: Only affects systems using Btrfs filesystem with quota features enabled. The vulnerability requires specific timing conditions during quota disable operations.

📦 What is this software?

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete system hang requiring hard reboot, potential data corruption if filesystem operations are interrupted, and extended service disruption.

🟠

Likely Case

System becomes unresponsive during quota disable operations, requiring manual intervention to recover, causing temporary denial of service.

🟢

If Mitigated

Minor performance impact during quota operations with proper patching, no data loss or system compromise.

🌐 Internet-Facing: LOW - This is a local filesystem deadlock vulnerability that requires local access or specific filesystem operations to trigger.
🏢 Internal Only: MEDIUM - Internal systems using Btrfs with quota features could experience service disruption if vulnerable operations are performed.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: NO
Unauthenticated Exploit: ✅ No
Complexity: HIGH

Exploitation requires local access and specific timing conditions during quota operations. This is a reliability issue rather than a security bypass.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Fixed in kernel commits: 26b3901d20bf9da2c6a00cb1fb48932166f80a45, 31198e58c09e21d4f65c49d2361f76b87aca4c3f, 32747e01436aac8ef93fe85b5b523b4f3b52f040, 89d4cca583fc9594ee7d1a0bc986886d6fb587e6, e804861bd4e69cc5fe1053eedcb024982dde8e48

Vendor Advisory: https://git.kernel.org/stable/c/26b3901d20bf9da2c6a00cb1fb48932166f80a45

Restart Required: Yes

Instructions:

1. Update Linux kernel to version containing the fix commits. 2. Check your distribution's security advisories for backported fixes. 3. Reboot the system after kernel update.

🔧 Temporary Workarounds

Avoid quota disable operations

linux

Do not disable quotas on Btrfs filesystems while other filesystem operations are running

Disable Btrfs quota features

linux

If not needed, avoid using Btrfs quota features entirely

btrfs quota disable /mount/point

🧯 If You Can't Patch

  • Avoid concurrent filesystem operations when managing quotas
  • Monitor system for hung tasks and have reboot procedures ready

🔍 How to Verify

Check if Vulnerable:

Check kernel version and if using Btrfs with quotas: uname -r and check /etc/fstab for btrfs mounts

Check Version:

uname -r

Verify Fix Applied:

Verify kernel version includes the fix commits or check with distribution's security update status

📡 Detection & Monitoring

Log Indicators:

  • Kernel logs showing hung tasks
  • Messages about btrfs-qgroup-rescan worker blocked
  • Transaction commit timeouts

SIEM Query:

source="kernel" AND ("hung_task" OR "blocked for more than" OR "btrfs-qgroup-rescan")

📊 Metadata

CVE ID: CVE-2022-48734
CVSS v3 Score: 5.5 (MEDIUM)
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE: CWE-667
Published: June 20, 2024
Last Updated: November 21, 2024

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2022-48734, you might also want to check these:

CVE-2020-12658 9.8

CVE-2020-12658 is a critical vulnerability in gssproxy (GSS-API proxy daemon) where improper mutex h...

Same vulnerability type (CWE-667)
CVE-2020-11284 8.4

This vulnerability allows non-secure boot loaders to unlock and modify memory regions that should re...

Same vulnerability type (CWE-667)
CVE-2021-22530 8.2

CVE-2021-22530 is an authentication bypass vulnerability in NetIQ Advanced Authentication that allow...

Same vulnerability type (CWE-667)