CVE-2022-49100

virtio_console: eliminate anonymous module_init & module_exit

Time Line

Published

2024-03-19

Updated

2024-03-19

Firt exploit

2024-03-19

Overview

Descriptions (1)

MITRE

CWE (0)

CAPEC (-)

Risk

CVSS Score

SSVC

KEV

EPSS

Affected Products (-)

Vendors (1)

linux

Products (1)

linux_kernel

Versions (9)

< 4.9.311, < 4.14.276, < 4.19.238, < 5.4.189, < 5.10.111, < 5.15.34, < 5.16.20, < 5.17.3, < 5.18

Intel Resources (-)

Advisories (-)

Exploits (-)

Plugins (-)

References (9)

General (-)

Exploits & POcs (-)

Patches (9)

kernel

Advisories (-)

Summary

Descriptions

MITRE

In the Linux kernel, the following vulnerability has been resolved: virtio_console: eliminate anonymous module_init & module_exit Eliminate anonymous module_init() and module_exit(), which can lead to
confusion or ambiguity when reading System.map, crashes/oops/bugs,
or an initcall_debug log. Give each of these init and exit functions unique driver-specific
names to eliminate the anonymous names. Example 1: (System.map) ffffffff832fc78c t init ffffffff832fc79e t init ffffffff832fc8f8 t init Example 2: (initcall_debug log) calling init+0x0/0x12 @ 1 initcall init+0x0/0x12 returned 0 after 15 usecs calling init+0x0/0x60 @ 1 initcall init+0x0/0x60 returned 0 after 2 usecs calling init+0x0/0x9a @ 1 initcall init+0x0/0x9a returned 0 after 74 usecs

*Credits: N/A

CVSS Scores

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality

Integrity

Availability

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2025-02-26 CVE Reserved
2025-02-26 CVE Published
2025-02-26 CVE Updated
---------- EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CAPEC

Threat Intelligence Resources (0)

Advisories (0)
Exploits (0)

Security Advisory details:

Select an advisory to view details here.

Select	Title	Date

Select an exploit to view details here.

References (9)

URL	Tag	Source

URL	Date	SRC

URL	Date	SRC
https://git.kernel.org/stable/c/93e3d88321d2274fa4e26b006e19cc10fec331c2	2022-04-20
https://git.kernel.org/stable/c/7deaddb704713608e0ae559e27185581b9af71a0	2022-04-20
https://git.kernel.org/stable/c/0f3d824bd70a1303464d5e93ee3e7afe7832fe89	2022-04-15
https://git.kernel.org/stable/c/3504b0a177208eda85bf472bbf7c9aa77d2b8343	2022-04-15
https://git.kernel.org/stable/c/c69b442125bf009fce26e15aa5616caf8a3673c3	2022-04-13
https://git.kernel.org/stable/c/44c2d5fbe7b2bd1f8cb114d608a591a73a5d4ae6	2022-04-13
https://git.kernel.org/stable/c/3fd5dee7404ce40c79cba468bb2510115639d975	2022-04-13
https://git.kernel.org/stable/c/71612aee09ecea3475f8751dc841d75a011b1fd0	2022-04-13
https://git.kernel.org/stable/c/fefb8a2a941338d871e2d83fbd65fbfa068857bd	2022-03-18

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				< 4.9.311 Search vendor "Linux" for product "Linux Kernel" and version " < 4.9.311"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				< 4.14.276 Search vendor "Linux" for product "Linux Kernel" and version " < 4.14.276"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				< 4.19.238 Search vendor "Linux" for product "Linux Kernel" and version " < 4.19.238"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				< 5.4.189 Search vendor "Linux" for product "Linux Kernel" and version " < 5.4.189"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				< 5.10.111 Search vendor "Linux" for product "Linux Kernel" and version " < 5.10.111"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				< 5.15.34 Search vendor "Linux" for product "Linux Kernel" and version " < 5.15.34"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				< 5.16.20 Search vendor "Linux" for product "Linux Kernel" and version " < 5.16.20"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				< 5.17.3 Search vendor "Linux" for product "Linux Kernel" and version " < 5.17.3"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				< 5.18 Search vendor "Linux" for product "Linux Kernel" and version " < 5.18"		en		Affected

CVE-2022-49100

virtio_console: eliminate anonymous module_init & module_exit

Severity Score

Exploit Likelihood

Affected Versions

Public Exploits

Exploited in Wild

Decision

Summary

Descriptions

CVSS Scores

SSVC

Timeline

CWE

CAPEC

Threat Intelligence Resources (0)

References (9)

Affected Vendors, Products, and Versions