Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveLinuxCVE-2022-48850
HistoryJul 16, 2024 - 1:15 p.m.

CVE-2022-48850

2024-07-1613:15:12
CWE-476
Linux
web.nvd.nist.gov
35
linux kernel
net-sysfs vulnerability
cve-2022-48850
panic triggering
removed netdevices
system shutdown

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

AI Score

6.4

Confidence

High

EPSS

0

Percentile

5.1%

JSON

In the Linux kernel, the following vulnerability has been resolved:

net-sysfs: add check for netdevice being present to speed_show

When bringing down the netdevice or system shutdown, a panic can be
triggered while accessing the sysfs path because the device is already
removed.

[  755.549084] mlx5_core 0000:12:00.1: Shutdown was called
[  756.404455] mlx5_core 0000:12:00.0: Shutdown was called
...
[  757.937260] BUG: unable to handle kernel NULL pointer dereference at           (null)
[  758.031397] IP: [<ffffffff8ee11acb>] dma_pool_alloc+0x1ab/0x280

crash> bt
...
PID: 12649  TASK: ffff8924108f2100  CPU: 1   COMMAND: "amsd"
...
 #9 [ffff89240e1a38b0] page_fault at ffffffff8f38c778
    [exception RIP: dma_pool_alloc+0x1ab]
    RIP: ffffffff8ee11acb  RSP: ffff89240e1a3968  RFLAGS: 00010046
    RAX: 0000000000000246  RBX: ffff89243d874100  RCX: 0000000000001000
    RDX: 0000000000000000  RSI: 0000000000000246  RDI: ffff89243d874090
    RBP: ffff89240e1a39c0   R8: 000000000001f080   R9: ffff8905ffc03c00
    R10: ffffffffc04680d4  R11: ffffffff8edde9fd  R12: 00000000000080d0
    R13: ffff89243d874090  R14: ffff89243d874080  R15: 0000000000000000
    ORIG_RAX: ffffffffffffffff  CS: 0010  SS: 0018
#10 [ffff89240e1a39c8] mlx5_alloc_cmd_msg at ffffffffc04680f3 [mlx5_core]
#11 [ffff89240e1a3a18] cmd_exec at ffffffffc046ad62 [mlx5_core]
#12 [ffff89240e1a3ab8] mlx5_cmd_exec at ffffffffc046b4fb [mlx5_core]
#13 [ffff89240e1a3ae8] mlx5_core_access_reg at ffffffffc0475434 [mlx5_core]
#14 [ffff89240e1a3b40] mlx5e_get_fec_caps at ffffffffc04a7348 [mlx5_core]
#15 [ffff89240e1a3bb0] get_fec_supported_advertised at ffffffffc04992bf [mlx5_core]
#16 [ffff89240e1a3c08] mlx5e_get_link_ksettings at ffffffffc049ab36 [mlx5_core]
#17 [ffff89240e1a3ce8] __ethtool_get_link_ksettings at ffffffff8f25db46
#18 [ffff89240e1a3d48] speed_show at ffffffff8f277208
#19 [ffff89240e1a3dd8] dev_attr_show at ffffffff8f0b70e3
#20 [ffff89240e1a3df8] sysfs_kf_seq_show at ffffffff8eedbedf
#21 [ffff89240e1a3e18] kernfs_seq_show at ffffffff8eeda596
#22 [ffff89240e1a3e28] seq_read at ffffffff8ee76d10
#23 [ffff89240e1a3e98] kernfs_fop_read at ffffffff8eedaef5
#24 [ffff89240e1a3ed8] vfs_read at ffffffff8ee4e3ff
#25 [ffff89240e1a3f08] sys_read at ffffffff8ee4f27f
#26 [ffff89240e1a3f50] system_call_fastpath at ffffffff8f395f92

crash> net_device.state ffff89443b0c0000
  state = 0x5  (__LINK_STATE_START| __LINK_STATE_NOCARRIER)

To prevent this scenario, we also make sure that the netdevice is present.

Affected configurations

Nvd
Vulners
Node
linuxlinux_kernelRange<4.9.307
OR
linuxlinux_kernelRange4.104.14.272
OR
linuxlinux_kernelRange4.154.19.235
OR
linuxlinux_kernelRange4.205.4.185
OR
linuxlinux_kernelRange5.55.10.106
OR
linuxlinux_kernelRange5.115.15.29
OR
linuxlinux_kernelRange5.165.16.15
VendorProductVersionCPE
linuxlinux_kernel*cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

CNA Affected

[
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "unaffected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "net/core/net-sysfs.c"
    ],
    "versions": [
      {
        "version": "1da177e4c3f4",
        "lessThan": "a7b9ab04c593",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "1da177e4c3f4",
        "lessThan": "081369ad088a",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "1da177e4c3f4",
        "lessThan": "75fc8363227a",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "1da177e4c3f4",
        "lessThan": "8879b5313e9f",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "1da177e4c3f4",
        "lessThan": "d15c9f6e3335",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "1da177e4c3f4",
        "lessThan": "8d5e69d8fbf3",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "1da177e4c3f4",
        "lessThan": "3a79f380b3e1",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "1da177e4c3f4",
        "lessThan": "4224cfd7fb65",
        "status": "affected",
        "versionType": "git"
      }
    ]
  },
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "affected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "net/core/net-sysfs.c"
    ],
    "versions": [
      {
        "version": "4.9.307",
        "lessThanOrEqual": "4.9.*",
        "status": "unaffected",
        "versionType": "custom"
      },
      {
        "version": "4.14.272",
        "lessThanOrEqual": "4.14.*",
        "status": "unaffected",
        "versionType": "custom"
      },
      {
        "version": "4.19.235",
        "lessThanOrEqual": "4.19.*",
        "status": "unaffected",
        "versionType": "custom"
      },
      {
        "version": "5.4.185",
        "lessThanOrEqual": "5.4.*",
        "status": "unaffected",
        "versionType": "custom"
      },
      {
        "version": "5.10.106",
        "lessThanOrEqual": "5.10.*",
        "status": "unaffected",
        "versionType": "custom"
      },
      {
        "version": "5.15.29",
        "lessThanOrEqual": "5.15.*",
        "status": "unaffected",
        "versionType": "custom"
      },
      {
        "version": "5.16.15",
        "lessThanOrEqual": "5.16.*",
        "status": "unaffected",
        "versionType": "custom"
      },
      {
        "version": "5.17",
        "lessThanOrEqual": "*",
        "status": "unaffected",
        "versionType": "original_commit_for_fix"
      }
    ]
  }
]

Related

debiancve 1
cvelist 1
nvd 1
osv 1
vulnrichment 1
redhatcve 1
ubuntucve 1
redos 1
nessus 8
openvas 4
debiancve
debiancve
CVE-2022-48850
2024-07-16 13:15:12
cvelist
cvelist
CVE-2022-48850 net-sysfs: add check for netdevice being present to speed_show
2024-07-16 12:25:17
nvd
nvd
CVE-2022-48850
2024-07-16 13:15:12
osv
osv
CVE-2022-48850
2024-07-16 13:15:00
vulnrichment
vulnrichment
CVE-2022-48850 net-sysfs: add check for netdevice being present to speed_show
2024-07-16 12:25:17
redhatcve
redhatcve
CVE-2022-48850
2024-07-16 20:24:56
ubuntucve
ubuntucve
CVE-2022-48850
2024-07-16 00:00:00
redos
redos
ROS-20240816-12
2024-08-16 00:00:00
nessus
nessus
SUSE SLES12 Security Update : kernel (SUSE-SU-2024:2892-1)
2024-08-14 00:00:00
SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2024:2940-1)
2024-08-17 00:00:00
SUSE SLES12 Security Update : kernel (SUSE-SU-2024:2901-1)
2024-08-15 00:00:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2024:2901-1)
2024-08-15 00:00:00
Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2024-2441)
2024-09-12 00:00:00
Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2024-2394)
2024-09-12 00:00:00

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

AI Score

6.4

Confidence

High

EPSS

0

Percentile

5.1%

JSON
Related for CVE-2022-48850
debiancve1cvelist1nvd1osv1vulnrichment1redhatcve1ubuntucve1redos1nessus8openvas4