What is the severity of CVE-2022-49905?

The severity of CVE-2022-49905 is categorized as medium due to the potential for namespace leakage.

How do I fix CVE-2022-49905?

To fix CVE-2022-49905, ensure you update your Linux kernel to the latest patched version.

Which versions of the Linux Kernel are affected by CVE-2022-49905?

CVE-2022-49905 affects multiple versions of the Linux kernel, particularly those before the patch was applied.

What component of the Linux Kernel does CVE-2022-49905 impact?

CVE-2022-49905 impacts the SMC (Shared Memory Communication) initialization component of the Linux kernel.

Is CVE-2022-49905 exploitable remotely?

CVE-2022-49905 is generally not considered exploitable remotely since it requires local access to affect the namespace.

Vulnerability/
CVE-2022-49905

1/5/2025

CVE-2022-49905: net/smc: Fix possible leaked pernet namespace in smc_init()

First published: Thu May 01 2025(Updated: )

In the Linux kernel, the following vulnerability has been resolved: net/smc: Fix possible leaked pernet namespace in smc_init() In smc_init(), register_pernet_subsys(&smc_net_stat_ops) is called without any error handling. If it fails, registering of &smc_net_ops won't be reverted. And if smc_nl_init() fails, &smc_net_stat_ops itself won't be reverted. This leaves wild ops in subsystem linkedlist and when another module tries to call register_pernet_operations() it triggers page fault: BUG: unable to handle page fault for address: fffffbfff81b964c RIP: 0010:register_pernet_operations+0x1b9/0x5f0 Call Trace: <TASK> register_pernet_subsys+0x29/0x40 ebtables_init+0x58/0x1000 [ebtables] ...

Credit: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Affected Software	Affected Version	How to fix
Linux Kernel

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2022-49905?
The severity of CVE-2022-49905 is categorized as medium due to the potential for namespace leakage.
How do I fix CVE-2022-49905?
To fix CVE-2022-49905, ensure you update your Linux kernel to the latest patched version.
Which versions of the Linux Kernel are affected by CVE-2022-49905?
CVE-2022-49905 affects multiple versions of the Linux kernel, particularly those before the patch was applied.
What component of the Linux Kernel does CVE-2022-49905 impact?
CVE-2022-49905 impacts the SMC (Shared Memory Communication) initialization component of the Linux kernel.
Is CVE-2022-49905 exploitable remotely?
CVE-2022-49905 is generally not considered exploitable remotely since it requires local access to affect the namespace.

collector/mitre-cve
source/MITRE
agent/title
agent/references
agent/description
agent/first-publish-date
agent/type
agent/guess-ai
agent/software-canonical-lookup
agent/softwarecombine
collector/nvd-api
source/NVD
agent/last-modified-date
agent/author
agent/source
agent/tags
agent/event
vendor/linux
canonical/linux kernel

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.