#VU104432 Use-after-free in Linux kernel - CVE-2022-49377

Cybersecurity Help s.r.o.

Published: 2025-02-26

Vulnerability identifier: #VU104432

Vulnerability risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-49377

CWE-ID: CWE-416

Exploitation vector: Local

Exploit availability: No

Vulnerable software:
Linux kernel
Operating systems & Components / Operating system

Vendor: Linux Foundation

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the blk_mq_has_sqsched() and blk_mq_get_sq_hctx() functions in block/blk-mq.c. A local user can escalate privileges on the system.

Mitigation
Install update from vendor's website.

Vulnerable software versions

Linux kernel: All versions

External links
https://git.kernel.org/stable/c/460aa288c5cd0544dcf933a2f0ad0e8c6d2d35ff
https://git.kernel.org/stable/c/5d05426e2d5fd7df8afc866b78c36b37b00188b7
https://git.kernel.org/stable/c/70fdd922c7bf8949f8df109cf2635dff64c90392
https://git.kernel.org/stable/c/b140bac470b4f707cda59c7266214246238661df

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

SUSE update for the Linux Kernel

Use-after-free in Linux kernel block