{"id":"CVE-2022-49685","summary":"iio: trigger: sysfs: fix use-after-free on remove","details":"In the Linux kernel, the following vulnerability has been resolved:\n\niio: trigger: sysfs: fix use-after-free on remove\n\nEnsure that the irq_work has completed before the trigger is freed.\n\n ==================================================================\n BUG: KASAN: use-after-free in irq_work_run_list\n Read of size 8 at addr 0000000064702248 by task python3/25\n\n Call Trace:\n  irq_work_run_list\n  irq_work_tick\n  update_process_times\n  tick_sched_handle\n  tick_sched_timer\n  __hrtimer_run_queues\n  hrtimer_interrupt\n\n Allocated by task 25:\n  kmem_cache_alloc_trace\n  iio_sysfs_trig_add\n  dev_attr_store\n  sysfs_kf_write\n  kernfs_fop_write_iter\n  new_sync_write\n  vfs_write\n  ksys_write\n  sys_write\n\n Freed by task 25:\n  kfree\n  iio_sysfs_trig_remove\n  dev_attr_store\n  sysfs_kf_write\n  kernfs_fop_write_iter\n  new_sync_write\n  vfs_write\n  ksys_write\n  sys_write\n\n ==================================================================","modified":"2026-03-20T12:22:29.088076Z","published":"2025-02-26T02:24:12.143Z","related":["SUSE-SU-2025:1027-1","SUSE-SU-2025:1176-1","SUSE-SU-2025:1183-1","SUSE-SU-2025:1194-1","SUSE-SU-2025:1241-1","SUSE-SU-2025:1263-1"],"database_specific":{"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/49xxx/CVE-2022-49685.json","cna_assigner":"Linux"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/31ff3309b47d98313c61b8301bf595820cc3cc33"},{"type":"WEB","url":"https://git.kernel.org/stable/c/4687c3f955240ca2a576bdc3f742d4d915b6272d"},{"type":"WEB","url":"https://git.kernel.org/stable/c/4ef1e521be610b720daeb7cf899fedc7db0274c4"},{"type":"WEB","url":"https://git.kernel.org/stable/c/5e39397d60dacc7f5d81d442c1c958eaaaf31128"},{"type":"WEB","url":"https://git.kernel.org/stable/c/78601726d4a59a291acc5a52da1d3a0a6831e4e8"},{"type":"WEB","url":"https://git.kernel.org/stable/c/b07a30a774b3c3e584a68dc91779c68ea2da4813"},{"type":"WEB","url":"https://git.kernel.org/stable/c/d6111e7bdb8ec27eb43d01c4cd4ff1620a75f7f2"},{"type":"WEB","url":"https://git.kernel.org/stable/c/fd5d8fb298a2866c337da635c79d63c3afabcaf7"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/49xxx/CVE-2022-49685.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-49685"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"f38bc926d022ebd67baad6ac7fc22c95fbc6238c"},{"fixed":"d6111e7bdb8ec27eb43d01c4cd4ff1620a75f7f2"},{"fixed":"fd5d8fb298a2866c337da635c79d63c3afabcaf7"},{"fixed":"31ff3309b47d98313c61b8301bf595820cc3cc33"},{"fixed":"5e39397d60dacc7f5d81d442c1c958eaaaf31128"},{"fixed":"b07a30a774b3c3e584a68dc91779c68ea2da4813"},{"fixed":"4687c3f955240ca2a576bdc3f742d4d915b6272d"},{"fixed":"4ef1e521be610b720daeb7cf899fedc7db0274c4"},{"fixed":"78601726d4a59a291acc5a52da1d3a0a6831e4e8"}]}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-49685.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}]}