PT-2025-18622 · Linux+2 · Linux Kernel+2
Published
2022-11-02
·
Updated
2025-07-10
·
CVE-2022-49905
CVSS v3.1
5.5
Medium
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
Linux kernel (affected versions not specified)
Description
A possible leaked pernet namespace in smc init() has been resolved. The issue occurs when register pernet subsys(&smc net stat ops) is called without error handling. If it fails, the registration of &smc net ops is not reverted, and if smc nl init() fails, &smc net stat ops itself is not reverted. This leaves wild operations in the subsystem's linked list, triggering a page fault when another module tries to call register pernet operations(). The error is characterized by an inability to handle a page fault for a specific address, followed by a call trace that includes register pernet subsys and ebtables init.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
Memory Leak
Buffer Overflow
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Astra Linux
Linux Kernel
Suse