CVE-2022-49394: 
Linux Kernel vulnerability analysis and mitigation

In the Linux kernel, a vulnerability was discovered in the block I/O latency controller (blk-iolatency) that could lead to system hangs. The issue occurs when tracking the number of inflight I/Os per cgroup, where disabling the tracking without proper synchronization can result in leaked inflight counts (Kernel Git).

The vulnerability stems from an implementation flaw in the iolatencypdoffline() function, which can manipulate the enabled counter without freezing the request queue. This can occur while I/Os are in flight, leading to count leaks. The issue manifests when iolatency is enabled on an empty cgroup while I/Os are in flight in other cgroups, and then the empty cgroup is removed. If a cgroup with stuck inflight ends up getting throttled, the throttled I/Os will never get issued as there's no completion event to wake it up, resulting in an indefinite hang (Kernel Git).

When exploited, this vulnerability can cause system hangs due to I/O operations becoming indefinitely stuck. This occurs because throttled I/Os never get issued when there's no completion event to wake them up, effectively freezing the affected system's I/O operations (Kernel Git).

The issue has been fixed by unifying enable handling into a work item that is automatically triggered from iolatencysetminlatnsec(). This work item is called from both iolatencysetlimit() and iolatencypdoffline() paths. The fix ensures proper synchronization by freezing the queue while flipping the enabled state, preventing inflight count leaks (Kernel Git).