Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 914155 (CVE-2022-47022)

Summary: <sys-apps/hwloc-2.9.3: Denial of service
Product: Gentoo Security Reporter: Sam James <sam>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: IN_PROGRESS ---    
Severity: normal CC: cluster
Priority: Normal    
Version: unspecified   
Hardware: All   
OS: Linux   
See Also:
Whiteboard: B3 [stable?]
Package list:
Runtime testing required: ---

Description Sam James archtester Gentoo Infrastructure gentoo-dev Security 2023-09-14 03:01:51 UTC
+Version 2.9.3
+* Handle Linux glibc allocation errors in binding routines (CVE-2022-47022).
+* Fix hwloc-calc when searching objects on heterogeneous memory platforms,
+  thanks to Antoine Morvan for the report.
+* Fix hwloc_get_next_child() when there are some memory-side caches.
+* Don't crash if the topology is empty because Linux cgroups are wrong.
+* Improve some hwloc-bind warnings in case of command-line parsing errors.
+* Many documentation improvements all over the place, including:
+  + hwloc_topology_restrict() and hwloc_topology_insert_group() may reorder
+    children, causing the logical indexes of objects to change.

"An issue was discovered in open-mpi hwloc 2.1.0 allows attackers to cause a denial of service or other unspecified impacts via glibc-cpuset in topology-linux.c."
Comment 1 Larry the Git Cow gentoo-dev 2023-09-14 03:41:07 UTC
The bug has been referenced in the following commit(s):

commit 7852d7a47a8c2f8c68c063680c38aa4c12a3d04d
Author:     Sam James <>
AuthorDate: 2023-09-14 03:15:43 +0000
Commit:     Sam James <>
CommitDate: 2023-09-14 03:15:49 +0000

    sys-apps/hwloc: add 2.9.3
    Signed-off-by: Sam James <>

 sys-apps/hwloc/Manifest           |   1 +
 sys-apps/hwloc/hwloc-2.9.3.ebuild | 120 ++++++++++++++++++++++++++++++++++++++
 2 files changed, 121 insertions(+)