PT-2025-8324 · Linux+4 · Linux Kernel+4

Syzbot · Published 2022-01-01 · Updated 2026-05-26 · CVE-2022-49390

CVSS v3.1: 7.8 High
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
Linux kernel (affected versions not specified)

Description
A use-after-free bug has been identified in the Linux kernel's macsec module. This issue occurs when a new macsec device is created without obtaining a reference to the real device, leading to the real device being freed prematurely. The bug can be triggered by calling the macsec_get_iflink() function, which attempts to access the already freed real device. This results in a use-after-free error, as reported by the KASAN (Kernel Address Sanitizer). The bug is caused by the lack of proper reference counting for the real device in the macsec module.

Recommendations
To resolve this issue, apply the fix by adding dev_hold_track() in macsec_dev_init() and dev_put_track() in macsec_free_netdev(). This will ensure proper reference counting for the real device and prevent the use-after-free bug.

Note: The exact versions of the Linux kernel that are affected by this vulnerability are not specified in the provided description. Therefore, it is recommended to apply the fix to all versions of the Linux kernel that are potentially vulnerable to this issue.
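
A userspace C model of the reference-counting rule in the recommendation, added here as an illustration and not taken from the kernel or the patch. Function names mirror the advisory; the struct layouts, the `freed` flag, the `fixed` switch and the ifindex value 7 are constructed assumptions. The lookup returns -1 at the point where the unfixed path would read a freed real device.

```c
#include <stdbool.h>
/* Userspace model, not kernel code: structs and bodies are constructed. */
struct net_device {
    int  refcnt;   /* outstanding references */
    bool freed;    /* stands in for the kernel releasing the object */
    int  ifindex;
};

struct macsec_dev {
    struct net_device *real_dev;
    bool holds_ref;            /* true only in the fixed variant */
};

static void dev_hold(struct net_device *d) { d->refcnt++; }
static void dev_put(struct net_device *d) { if (--d->refcnt == 0) d->freed = true; }

/* fixed == true models the recommended dev_hold_track() in macsec_dev_init(). */
static void macsec_dev_init(struct macsec_dev *m, struct net_device *real, bool fixed)
{
    m->real_dev = real;
    m->holds_ref = fixed;
    if (fixed)
        dev_hold(real);
}

/* Models the recommended dev_put_track() in macsec_free_netdev(). */
static void macsec_free_netdev(struct macsec_dev *m)
{
    if (m->holds_ref)
        dev_put(m->real_dev);
}

/* Returns the real device's ifindex, or -1 where the kernel would touch freed memory. */
static int macsec_get_iflink(const struct macsec_dev *m)
{
    return m->real_dev->freed ? -1 : m->real_dev->ifindex;
}

/* The owner releases the real device while the macsec device still exists. */
int iflink_after_real_dev_release(bool fixed)
{
    struct net_device real = { .refcnt = 1, .freed = false, .ifindex = 7 };
    struct macsec_dev m;
    macsec_dev_init(&m, &real, fixed);
    dev_put(&real);                      /* owner drops its reference */
    int iflink = macsec_get_iflink(&m);  /* lookup through the stored pointer */
    macsec_free_netdev(&m);              /* fixed: this is the final put */
    return real.freed ? iflink : -2;     /* -2 would mean a leaked reference */
}
int main(void) { return iflink_after_real_dev_release(true) == 7 ? 0 : 1; }
```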

Exploit

Fix

Use After Free

Weakness Enumeration

Related Identifiers

BDU:2025-10577
CVE-2022-49390
LSN-0117-1
OESA-2025-1408
OESA-2025-2081
OESA-2025-2082
SUSE-SU-2025:01600-1
SUSE-SU-2025:1176-1
SUSE-SU-2025:1241-1
SUSE-SU-2025_01600-1
SUSE-SU-2025_1241-1
USN-7907-1
USN-7907-2
USN-7907-3
USN-7907-4
USN-7907-5
USN-7922-1
USN-7922-2
USN-7922-3
USN-7922-4
USN-7922-5
USN-7928-1
USN-7928-2
USN-7928-3
USN-7928-4
USN-7928-5
USN-7937-1
USN-7938-1
USN-7939-1
USN-7939-2

Affected Products

Debian
Linuxmint
Linux Kernel
Suse
Ubuntu