What is the severity of CVE-2022-49384?

CVE-2022-49384 is classified as a medium severity vulnerability due to the double free issue in the Linux kernel.

How do I fix CVE-2022-49384?

To fix CVE-2022-49384, update your Linux kernel to a version that includes the patch, specifically version 5.15.46 or later, 5.17.14 or later, or 5.18.3 or later.

What version of the Linux kernel is affected by CVE-2022-49384?

CVE-2022-49384 affects Linux kernel versions between 5.15.17 and 5.15.46, 5.16.3 and 5.17.14, and 5.18 and 5.18.3.

What function is primarily impacted by CVE-2022-49384?

CVE-2022-49384 primarily impacts the 'md' (multiple devices) functionality in the Linux kernel due to a double free of the 'io_acct_set' bioset.

Is CVE-2022-49384 present in all Linux distributions?

CVE-2022-49384 may not be present in all Linux distributions, as it depends on whether the specific kernel versions are used that contain the vulnerability.

Vulnerability/
CVE-2022-49384

high

7.8

CWE

415

26/2/2025

17/4/2025

CVE-2022-49384: md: fix double free of io_acct_set bioset

First published: Wed Feb 26 2025(Updated: )

In the Linux kernel, the following vulnerability has been resolved: md: fix double free of io_acct_set bioset Now io_acct_set is alloc and free in personality. Remove the codes that free io_acct_set in md_free and md_stop.

Credit: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Affected Software	Affected Version	How to fix
Linux Kernel
Linux Kernel	>=5.15.17<5.15.46
Linux Kernel	>=5.16.3<5.17.14
Linux Kernel	>=5.18<5.18.3

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2022-49384?
CVE-2022-49384 is classified as a medium severity vulnerability due to the double free issue in the Linux kernel.
How do I fix CVE-2022-49384?
To fix CVE-2022-49384, update your Linux kernel to a version that includes the patch, specifically version 5.15.46 or later, 5.17.14 or later, or 5.18.3 or later.
What version of the Linux kernel is affected by CVE-2022-49384?
CVE-2022-49384 affects Linux kernel versions between 5.15.17 and 5.15.46, 5.16.3 and 5.17.14, and 5.18 and 5.18.3.
What function is primarily impacted by CVE-2022-49384?
CVE-2022-49384 primarily impacts the 'md' (multiple devices) functionality in the Linux kernel due to a double free of the 'io_acct_set' bioset.
Is CVE-2022-49384 present in all Linux distributions?
CVE-2022-49384 may not be present in all Linux distributions, as it depends on whether the specific kernel versions are used that contain the vulnerability.

collector/mitre-cve
source/MITRE
agent/first-publish-date
agent/type
agent/title
agent/weakness
agent/references
agent/source
agent/author
agent/description
agent/guess-ai
agent/software-canonical-lookup
agent/software-canonical-lookup-request
agent/tags
agent/last-modified-date
agent/remedy
agent/severity
agent/softwarecombine
agent/event
collector/nvd-api
source/NVD
vendor/linux
canonical/linux kernel
version/linux kernel/5.15.17
version/linux kernel/5.16.3
version/linux kernel/5.18

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.

CVE-2022-49384: md: fix double free of io_acct_set bioset

Remedy

Remedy

Remedy

Remedy

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2022-49384?

How do I fix CVE-2022-49384?

What version of the Linux kernel is affected by CVE-2022-49384?

What function is primarily impacted by CVE-2022-49384?

Is CVE-2022-49384 present in all Linux distributions?

Company

Resources

Contact