#VU104474 Use-after-free in Linux kernel - CVE-2022-49085
Published: February 26, 2025 / Updated: May 11, 2025
Vulnerability identifier: #VU104474
Vulnerability risk: Low
CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2022-49085
CWE-ID: CWE-416
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vulnerable software:
Linux kernel
Linux kernel
Software vendor:
Linux Foundation
Linux Foundation
Description
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the drbd_bitmap_io_from_worker(), notify_resource_state_change(), notify_connection_state_change(), notify_device_state_change(), notify_peer_device_state_change() and broadcast_state_change() functions in drivers/block/drbd/drbd_state.c, within the nla_put_notification_header(), notify_resource_state(), notify_device_state(), notify_connection_state(), notify_peer_device_state(), notify_initial_state_done() and get_initial_state() functions in drivers/block/drbd/drbd_nl.c. A local user can escalate privileges on the system.
Remediation
Install update from vendor's website.
External links
- https://git.kernel.org/stable/c/0489700bfeb1e53eb2039c2291c67e71b0b40103
- https://git.kernel.org/stable/c/188fe6b26765edbad4055611c0f788b6870f4024
- https://git.kernel.org/stable/c/226e993c39405292781bfcf4b039a8db56aab362
- https://git.kernel.org/stable/c/594205b4936771a250f9d141e7e0fff21c3dd2d9
- https://git.kernel.org/stable/c/a972c768723359ec995579902473028fe3cd64b1
- https://git.kernel.org/stable/c/aadb22ba2f656581b2f733deb3a467c48cc618f6
- https://git.kernel.org/stable/c/b6a4055036eed1f5e239ce3d8b0db1ce38bba447
- https://git.kernel.org/stable/c/dcf6be17b5c53b741898d2223b23e66d682de300
- https://git.kernel.org/stable/c/de63e74da2333b4068bb79983e632db730fea97e
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.16.20