PT-2025-8107 · Linux+4 · Linux Kernel+4

Yu Kuai

Published

2022-02-18

Updated

2025-11-18

CVE-2022-49179

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 4.19.90-yk #5

Description A use-after-free issue has been identified in the Linux kernel, specifically in the block, bfq module. The issue arises from the bfq put async bfqq function, which can lead to a write of size 8 at an address that has already been freed. This can cause a system crash or potentially allow an attacker to execute arbitrary code. The vulnerability is related to the bfq put async queues and bfq pd offline functions.

Recommendations For Linux kernel version 4.19.90-yk #5 and earlier, update to a newer version that contains a fix for this issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Use After Free

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-416

Related Identifiers

ALSA-2025_16880

BDU:2025-10587

CVE-2022-49179

LSN-0114-1

RHSA-2022:8267

RHSA-2022_8267

SUSE-SU-2025:01600-1

SUSE-SU-2025:02075-1

SUSE-SU-2025:02087-1

SUSE-SU-2025:02090-1

SUSE-SU-2025:02095-1

SUSE-SU-2025:02096-1

SUSE-SU-2025:02101-1

SUSE-SU-2025:02131-1

SUSE-SU-2025:02132-1

SUSE-SU-2025:02135-1

SUSE-SU-2025:02137-1

SUSE-SU-2025:1027-1

SUSE-SU-2025:1176-1

SUSE-SU-2025:1183-1

SUSE-SU-2025:1241-1

SUSE-SU-2025:4123-1

SUSE-SU-2025_01600-1

SUSE-SU-2025_1027-1

SUSE-SU-2025_1241-1

USN-7627-1

USN-7627-2

Affected Products

Astra Linux

Linux Kernel

Red Hat

Suse

Ubuntu

PT-2025-8107 · Linux+4 · Linux Kernel+4

CVE-2022-49179

Weakness Enumeration

Related Identifiers

Affected Products

References · 1627