#VU104489 Use-after-free in Linux kernel - CVE-2022-49182

Cybersecurity Help s.r.o.

Published: 2025-02-26

Vulnerability identifier: #VU104489

Vulnerability risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-49182

CWE-ID: CWE-416

Exploitation vector: Local

Exploit availability: No

Vulnerable software:
Linux kernel
Operating systems & Components / Operating system

Vendor: Linux Foundation

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the hclge_add_vport_vlan_table(), hclge_add_vport_all_vlan_table(), hclge_rm_vport_vlan_table(), hclge_rm_vport_all_vlan_table(), hclge_uninit_vport_vlan_table(), hclge_restore_vport_vlan_table() and hclge_uninit_ae_dev() functions in drivers/net/ethernet/hisilicon/hns3/hns3pf/hclge_main.c. A local user can escalate privileges on the system.

Mitigation
Install update from vendor's website.

Vulnerable software versions

Linux kernel: All versions

External links
https://git.kernel.org/stable/c/09e383ca97e798f9954189b741af54b5c51e7a97
https://git.kernel.org/stable/c/1932a624ab88ff407d1a1d567fe581faa15dc725
https://git.kernel.org/stable/c/30f0ff7176efe8ac6c55f85bce26ed58bb608758
https://git.kernel.org/stable/c/f58af41deeab0f45c9c80adf5f2de489ebbac3dd

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

SUSE update for the Linux Kernel

Use-after-free in Linux kernel hns3 hns3pf driver