fkie_cve-2022-49905
Vulnerability from fkie_nvd
Published
2025-05-01 15:16
Modified
2025-05-02 13:52
Severity ?
Summary
In the Linux kernel, the following vulnerability has been resolved:
net/smc: Fix possible leaked pernet namespace in smc_init()
In smc_init(), register_pernet_subsys(&smc_net_stat_ops) is called
without any error handling.
If it fails, registering of &smc_net_ops won't be reverted.
And if smc_nl_init() fails, &smc_net_stat_ops itself won't be reverted.
This leaves wild ops in subsystem linkedlist and when another module
tries to call register_pernet_operations() it triggers page fault:
BUG: unable to handle page fault for address: fffffbfff81b964c
RIP: 0010:register_pernet_operations+0x1b9/0x5f0
Call Trace:
<TASK>
register_pernet_subsys+0x29/0x40
ebtables_init+0x58/0x1000 [ebtables]
...
References
Impacted products
| Vendor | Product | Version |
|---|
{
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/smc: Fix possible leaked pernet namespace in smc_init()\n\nIn smc_init(), register_pernet_subsys(\u0026smc_net_stat_ops) is called\nwithout any error handling.\nIf it fails, registering of \u0026smc_net_ops won\u0027t be reverted.\nAnd if smc_nl_init() fails, \u0026smc_net_stat_ops itself won\u0027t be reverted.\n\nThis leaves wild ops in subsystem linkedlist and when another module\ntries to call register_pernet_operations() it triggers page fault:\n\nBUG: unable to handle page fault for address: fffffbfff81b964c\nRIP: 0010:register_pernet_operations+0x1b9/0x5f0\nCall Trace:\n \u003cTASK\u003e\n register_pernet_subsys+0x29/0x40\n ebtables_init+0x58/0x1000 [ebtables]\n ..."
},
{
"lang": "es",
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net/smc: Se corrige una posible fuga de espacio de nombres pernet en smc_init(). En smc_init(), se llama a register_pernet_subsys(\u0026amp;smc_net_stat_ops) sin gestionar errores. Si falla, el registro de \u0026amp;smc_net_ops no se revertir\u00e1. Y si smc_nl_init() falla, \u0026amp;smc_net_stat_ops no se revertir\u00e1. Esto deja operaciones salvajes en la lista enlazada del subsistema y cuando otro m\u00f3dulo intenta llamar a register_pernet_operations() desencadena un error de p\u00e1gina: ERROR: no se puede manejar el error de p\u00e1gina para la direcci\u00f3n: fffffbfff81b964c RIP: 0010:register_pernet_operations+0x1b9/0x5f0 Rastreo de llamada: register_pernet_subsys+0x29/0x40 ebtables_init+0x58/0x1000 [ebtables] ... "
}
],
"id": "CVE-2022-49905",
"lastModified": "2025-05-02T13:52:51.693",
"metrics": {},
"published": "2025-05-01T15:16:15.593",
"references": [
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"url": "https://git.kernel.org/stable/c/61defd6450a9ef4a1487090449999b0fd83518ef"
},
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"url": "https://git.kernel.org/stable/c/62ff373da2534534c55debe6c724c7fe14adb97f"
},
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"url": "https://git.kernel.org/stable/c/c97daf836f7caf81d3144b8cd2b2a51f9bc3bd09"
}
],
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"vulnStatus": "Awaiting Analysis"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…