CVE-2022-49751: w1: fix WARNING after calling w1_process()
In the Linux kernel, the following vulnerability has been resolved:
w1: fix WARNING after calling w1_process()
I got the following WARNING message while removing driver(ds2482):
------------[ cut here ]------------
do not call blocking ops when !TASK_RUNNING; state=1 set at [<000000002d50bfb6>] w1_process+0x9e/0x1d0 [wire]
WARNING: CPU: 0 PID: 262 at kernel/sched/core.c:9817 __might_sleep+0x98/0xa0
CPU: 0 PID: 262 Comm: w1_bus_master1 Tainted: G N 6.1.0-rc3+ #307
RIP: 0010:__might_sleep+0x98/0xa0
Call Trace:
exit_signals+0x6c/0x550
do_exit+0x2b4/0x17e0
kthread_exit+0x52/0x60
kthread+0x16d/0x1e0
ret_from_fork+0x1f/0x30
The state of task is set to TASK_INTERRUPTIBLE in loop in w1_process(),
set it to TASK_RUNNING when it breaks out of the loop to avoid the
warning.
Security readout for executives and security teams
Plain-English summary
CVE-2022-49751 is a Linux kernel availability issue in the w1 1-Wire subsystem. The reported failure is a kernel warning during driver removal after w1_process() leaves task state inconsistent. It requires local privileges and has no cited active exploitation.
Executive priority
Handle through normal kernel patch governance, with higher priority for Linux systems that use 1-Wire hardware or removable w1 drivers. It is not currently supported as internet-exploited or remotely reachable in the supplied evidence.
Technical view
The flaw involves w1_process() setting TASK_INTERRUPTIBLE inside its loop and not restoring TASK_RUNNING after leaving the loop. During ds2482 driver removal, later blocking operations can trigger a scheduler warning. CVSS is 5.5 with local attack vector, low privileges, no user interaction, and high availability impact.
Likely exposure
Exposure appears limited to Linux systems with affected kernel versions and relevant w1/1-Wire driver use, including ds2482-related paths. The source bundle lists Linux as the affected product and includes multiple stable kernel references, but does not provide deployment prevalence.
Exploitation context
The bundle marks KEV as false and provides no source claiming active exploitation. The CVSS vector indicates local, low-privilege conditions with availability impact only. No remote attack path or confidentiality/integrity impact is supported by the supplied sources.
Researcher notes
The key behavior is task-state cleanup in w1_process(), not an application-layer flaw. The public data is sparse: it names the warning, CVSS vector, affected Linux product, and stable commits, but does not include a proof of exploitation or detailed operational mitigations.
Mitigation direction
Review vendor or distribution kernel advisories for CVE-2022-49751 applicability.
Update to a kernel containing the referenced stable w1 fix.
Prioritize systems using w1, 1-Wire, or ds2482-related drivers.
Where updates are delayed, review whether affected w1 drivers are required.
Validation and detection
Inventory Linux kernel versions across managed systems.
Check whether w1, wire, or ds2482 drivers are present or loaded.
Compare kernel builds against the referenced stable commits or vendor backports.
Monitor kernel logs for related w1_process or scheduler warnings.
Generated from the cited source records. This long-tail analysis has not been individually reviewed by a named human.
Potential ATT&CK relevance
Conservative CVE-to-ATT&CK context
These mappings and lookup hints may be relevant to the vulnerability behavior, CWE, affected product, or exposure path. Glexia-inferred context is not an official MITRE, ATT&CK, CWE, or CVE Program mapping.
ATT&CK lookup starting points
Use these exact CWE pages and searches to review the Glexia ATT&CK library from this CVE's weakness and description context.
cve · low confidence lookup
CVE-2022-49751 mapping review
Open the CVE-to-ATT&CK bridge for reviewed, inferred, or future official mappings tied to this CVE.
These fields come from the CVE record and ADP containers, not from Glexia's Take. They preserve time-varying source decisions such as CISA SSVC, KEV status, CVSS metrics, and provider references.
We collect every scored CVSS vector available in the official CNA and ADP containers. When more than one version is present, the table keeps the source vectors side by side instead of collapsing them into the highest score.