What is the severity of CVE-2022-49127?

CVE-2022-49127 has been classified with a moderate severity level due to its potential for use-after-free vulnerabilities in the Linux kernel.

How do I fix CVE-2022-49127?

To remediate CVE-2022-49127, upgrade to the latest version of the Linux kernel that includes the necessary patches.

Which versions of the Linux kernel are affected by CVE-2022-49127?

CVE-2022-49127 affects versions of the Linux kernel from 5.17 to 5.17.3.

What is the nature of the vulnerability in CVE-2022-49127?

CVE-2022-49127 involves a use-after-free condition related to the handling of the struct ref_tracker_dir enabling potential exploitation.

When was CVE-2022-49127 disclosed?

CVE-2022-49127 was disclosed as part of updates to the Linux kernel in response to identified vulnerabilities.

Vulnerability/
CVE-2022-49127

high

7.8

CWE

416

26/2/2025

25/3/2025

CVE-2022-49127: ref_tracker: implement use-after-free detection

First published: Wed Feb 26 2025(Updated: )

In the Linux kernel, the following vulnerability has been resolved: ref_tracker: implement use-after-free detection Whenever ref_tracker_dir_init() is called, mark the struct ref_tracker_dir as dead. Test the dead status from ref_tracker_alloc() and ref_tracker_free() This should detect buggy dev_put()/dev_hold() happening too late in netdevice dismantle process.

Credit: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Affected Software	Affected Version	How to fix
Linux Kernel
Linux Kernel	>=5.17<5.17.3

Remedy

https://git.kernel.org/stable/c/3743c9de303fa36c2e2ca2522ab280c52bcafbd2

Remedy

https://git.kernel.org/stable/c/e3ececfe668facd87d920b608349a32607060e66

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2022-49127?
CVE-2022-49127 has been classified with a moderate severity level due to its potential for use-after-free vulnerabilities in the Linux kernel.
How do I fix CVE-2022-49127?
To remediate CVE-2022-49127, upgrade to the latest version of the Linux kernel that includes the necessary patches.
Which versions of the Linux kernel are affected by CVE-2022-49127?
CVE-2022-49127 affects versions of the Linux kernel from 5.17 to 5.17.3.
What is the nature of the vulnerability in CVE-2022-49127?
CVE-2022-49127 involves a use-after-free condition related to the handling of the struct ref_tracker_dir enabling potential exploitation.
When was CVE-2022-49127 disclosed?
CVE-2022-49127 was disclosed as part of updates to the Linux kernel in response to identified vulnerabilities.

agent/first-publish-date
agent/type
agent/title
agent/author
agent/references
agent/source
agent/description
agent/severity
agent/guess-ai
agent/software-canonical-lookup
collector/mitre-cve
source/MITRE
agent/weakness
agent/last-modified-date
agent/remedy
agent/softwarecombine
agent/event
agent/tags
collector/nvd-api
source/NVD
vendor/linux kernel
canonical/linux kernel
vendor/linux
version/linux kernel/5.17

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.