PT-2025-18621 · Linux+1 · Linux Kernel+1
Published
2025-05-01
·
Updated
2025-05-02
·
CVE-2022-49904
CVSS v3.1
5.5
Medium
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
Linux kernel (affected versions not specified)
Description
A null pointer dereference issue has been identified in the Linux kernel, specifically in the
neigh table clear() function. This issue occurs when the IPv6 module is initialized but encounters an error, resulting in a kernel panic. The panic is triggered by a null pointer dereference in the dev net() function when dev is NULL. The estimated number of potentially affected devices worldwide is not available. There is no information about real-world incidents where this issue was exploited.Technical details about exploitation include:
- The
neigh table clear()function is vulnerable. - The
neigh ifdown()function is also affected, specifically whendevis NULL. - The
pneigh queue purge()function is called withdev net(dev == NULL), which triggers the null pointer dereference. - The
dev net()function is used with a NULLdevparameter, causing the issue.
Recommendations
To resolve this issue, pass NULL to
pneigh queue purge() in neigh ifdown() when dev is NULL, preventing the kernel from panicking immediately. As a temporary workaround, consider disabling the IPv6 module until a patch is available. Restrict access to the neigh table clear() function to minimize the risk of exploitation. Avoid using the dev net() function with a NULL dev parameter until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.Exploit
NULL Pointer Dereference
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Astra Linux
Linux Kernel