#VU104738 Double free in Linux kernel - CVE-2022-49541

Cybersecurity Help s.r.o.

Published: 2025-02-26 | Updated: 2025-05-11

Vulnerability identifier: #VU104738

Vulnerability risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-49541

CWE-ID: CWE-415

Exploitation vector: Local

Exploit availability: No

Vulnerable software:
Linux kernel
Operating systems & Components / Operating system

Vendor: Linux Foundation

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a double free error within the cifs_smb3_do_mount() function in fs/cifs/cifsfs.c. A local user can perform a denial of service (DoS) attack.

Mitigation
Install update from vendor's website.

Vulnerable software versions

Linux kernel: 5.18, 5.18 rc1, 5.18 rc2, 5.18 rc3, 5.18 rc5, 5.18 rc6, 5.18 rc7, 5.18 rc8, 5.18.1, 5.18.2

External links
https://git.kernel.org/stable/c/8378a51e3f8140f60901fb27208cc7a6e47047b5
https://git.kernel.org/stable/c/9a167fc440e5693c1cdd7f07071e05658bd9d89d
https://git.kernel.org/stable/c/ce0008a0e410cdd95f0d8cd81b2902ec10a660c4
https://git.kernel.org/stable/c/ee71f8f1cd3c8c4a251fd3e8abc89215ae3457cb
https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.18.3

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

SUSE update for the Linux Kernel

Red Hat Enterprise Linux 9 update for kernel-rt

Red Hat Enterprise Linux 9 update for kernel

SUSE update for the Linux Kernel

Double free in Linux kernel cifs