CVE-2022-49345

net: xfrm: unexport __init-annotated xfrm4_protocol_init()

Time Line

Published

2024-03-19

Updated

2024-03-19

Firt exploit

2024-03-19

Overview

Descriptions (1)

MITRE

CWE (0)

CAPEC (-)

Risk

CVSS Score

SSVC

KEV

EPSS

Affected Products (-)

Vendors (1)

linux

Products (1)

linux_kernel

Versions (9)

>= 3.15 < 4.9.318, >= 3.15 < 4.14.283, >= 3.15 < 4.19.247, >= 3.15 < 5.4.198, >= 3.15 < 5.10.122, >= 3.15 < 5.15.47, >= 3.15 < 5.17.15, >= 3.15 < 5.18.4, >= 3.15 < 5.19

Intel Resources (-)

Advisories (-)

Exploits (-)

Plugins (-)

References (10)

General (1)

kernel

Exploits & POcs (-)

Patches (9)

kernel

Advisories (-)

Summary

Descriptions

MITRE

In the Linux kernel, the following vulnerability has been resolved: net: xfrm: unexport __init-annotated xfrm4_protocol_init() EXPORT_SYMBOL and __init is a bad combination because the .init.text
section is freed up after the initialization. Hence, modules cannot
use symbols annotated __init. The access to a freed symbol may end up
with kernel panic. modpost used to detect it, but it has been broken for a decade. Recently, I fixed modpost so it started to warn it again, then this
showed up in linux-next builds. There are two ways to fix it: - Remove __init - Remove EXPORT_SYMBOL I chose the latter for this case because the only in-tree call-site,
net/ipv4/xfrm4_policy.c is never compiled as modular.
(CONFIG_XFRM is boolean)

*Credits: N/A

CVSS Scores

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality

Integrity

Availability

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2025-02-26 CVE Reserved
2025-02-26 CVE Published
2025-02-26 CVE Updated
---------- EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CAPEC

Threat Intelligence Resources (0)

Advisories (0)
Exploits (0)

Security Advisory details:

Select an advisory to view details here.

Select	Title	Date

Select an exploit to view details here.

References (10)

URL	Tag	Source
https://git.kernel.org/stable/c/2f32b51b609faea1e40bb8c5bd305f1351740936	Vuln. Introduced

URL	Date	SRC

URL	Date	SRC
https://git.kernel.org/stable/c/c58d82a1264813e69119c13e9804e2e60b664ad5	2022-06-14
https://git.kernel.org/stable/c/e53cd3814504b2cadaba4d5a8a07eeea9ddacd03	2022-06-14
https://git.kernel.org/stable/c/31f3c6a4dcd3260a386e62cef2d5b36e902600a1	2022-06-14
https://git.kernel.org/stable/c/ef6d2354de238b065d8799c80da4be9a6af18e39	2022-06-14
https://git.kernel.org/stable/c/be3884d5cd04ccd58294b83a02d70b7c5fca19d3	2022-06-14
https://git.kernel.org/stable/c/85a055c03691e51499123194a14a0c249cf33227	2022-06-14
https://git.kernel.org/stable/c/e04d59cfe0c0129df7aba7ef7bb17b96be2a64f2	2022-06-14
https://git.kernel.org/stable/c/2b253fbc9f7b5db18d716436bdcf8ecef09fd63d	2022-06-14
https://git.kernel.org/stable/c/4a388f08d8784af48f352193d2b72aaf167a57a1	2022-06-08

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 3.15 < 4.9.318 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.15 < 4.9.318"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 3.15 < 4.14.283 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.15 < 4.14.283"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 3.15 < 4.19.247 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.15 < 4.19.247"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 3.15 < 5.4.198 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.15 < 5.4.198"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 3.15 < 5.10.122 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.15 < 5.10.122"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 3.15 < 5.15.47 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.15 < 5.15.47"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 3.15 < 5.17.15 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.15 < 5.17.15"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 3.15 < 5.18.4 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.15 < 5.18.4"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 3.15 < 5.19 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.15 < 5.19"		en		Affected

CVE-2022-49345

net: xfrm: unexport __init-annotated xfrm4_protocol_init()

Severity Score

Exploit Likelihood

Affected Versions

Public Exploits

Exploited in Wild

Decision

Summary

Descriptions

CVSS Scores

SSVC

Timeline

CWE

CAPEC

Threat Intelligence Resources (0)

References (10)

Affected Vendors, Products, and Versions