#VU106177 Use-after-free in Linux kernel - CVE-2022-49755

Cybersecurity Help s.r.o.

Published: 2025-03-27

Vulnerability identifier: #VU106177

Vulnerability risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-49755

CWE-ID: CWE-416

Exploitation vector: Local

Exploit availability: No

Vulnerable software:
Linux kernel
Operating systems & Components / Operating system

Vendor: Linux Foundation

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the __ffs_ep0_queue_wait() and functionfs_unbind() functions in drivers/usb/gadget/function/f_fs.c. A local user can escalate privileges on the system.

Mitigation
Install update from vendor's website.

Vulnerable software versions

Linux kernel: All versions

External links
https://git.kernel.org/stable/c/6a19da111057f69214b97c62fb0ac59023970850
https://git.kernel.org/stable/c/6aee197b7fbcd61596a78b47d553f2f99111f217
https://git.kernel.org/stable/c/6dd9ea05534f323668db94fcc2726c7a84547e78
https://git.kernel.org/stable/c/a8d40942df074f4ebcb9bd3413596d92f323b064
https://git.kernel.org/stable/c/ae8e136bcaae96163b5821984de1036efc9abb1a
https://git.kernel.org/stable/c/e9036e951f93fb8d7b5e9d6e2c7f94a4da312ae4
https://git.kernel.org/stable/c/facf353c9e8d7885b686d9a4b173d4e0af6441d2

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

SUSE update for the Linux Kernel

Use-after-free in Linux kernel gadget function driver