PT-2025-8279 · Linux+3 · Linux Kernel+3

Stephen Rothwell

Publicado

2022-06-06

Atualizado

2025-09-29

CVE-2022-49345

CVSS v3.1

5.5

Média

Vetor

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A vulnerability in the Linux kernel has been resolved, related to the xfrm4 protocol init() function, which was annotated with init and exported using EXPORT SYMBOL. This combination is problematic because the .init.text section is freed after initialization, and modules cannot use symbols annotated with init, potentially leading to a kernel panic. The issue was detected after a fix was applied to modpost, a tool that had been broken for a decade.

Recommendations Remove EXPORT SYMBOL from the xfrm4 protocol init() function to prevent the vulnerability, as the only in-tree call site is never compiled as modular.

Exploit

Correção

Improper Initialization

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-665

Identificadores relacionados

ALSA-2025_16880

BDU:2026-03495

CVE-2022-49345

RHSA-2023:2458

RHSA-2023_2458

SUSE-SU-2025:1027-1

SUSE-SU-2025:1176-1

SUSE-SU-2025:1183-1

SUSE-SU-2025:1241-1

SUSE-SU-2025_1027-1

SUSE-SU-2025_1241-1

Produtos afetados

Astra Linux

Linux Kernel

Red Hat

Suse

PT-2025-8279 · Linux+3 · Linux Kernel+3

CVE-2022-49345

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 1345