CVE-2022-48760: 
Linux Kernel vulnerability analysis and mitigation

CVE-2022-48760 addresses a vulnerability in the Linux kernel's USB core subsystem where processes could hang while waiting for usbkillurb() to return. The issue was discovered by the syzbot fuzzer and stems from memory-access ordering problems on SMP systems, specifically in the interaction between usbkillurb() and _usbhcdgivebackurb() functions (Kernel Git).

The vulnerability occurs due to improper memory barrier implementation in the USB core subsystem. When usbkillurb() and _usbhcdgivebackurb() operate concurrently on different CPUs, a memory access pattern known as 'Store Buffering' (SB) can cause reads to execute ahead of writes. This results in CPU 0 seeing an old un-decremented value of urb->use_count while CPU 1 sees an old un-incremented value of urb->reject, leading to processes hanging indefinitely (Kernel Git).

The vulnerability can cause processes to hang indefinitely while waiting for usbkillurb() to return, potentially affecting system stability and USB device management. This issue affects systems running the Linux kernel with USB support enabled (NVD).

The issue has been fixed by adding proper memory barriers using smpmb_after_atomic() in the affected code paths. The fix ensures proper memory-access ordering in the SB pattern by requiring a full barrier on both CPUs. The patch has been integrated into various Linux kernel versions and is available through distribution updates (Kernel Git).