Login Sign Up

CVE-2022-28390

7.8 HIGH

📋 TL;DR

This vulnerability is a double-free memory corruption flaw in the EMS CAN-USB driver in the Linux kernel. It allows local attackers to potentially crash the system or execute arbitrary code with kernel privileges. Systems using the ems_usb CAN driver are affected.

💻 Affected Systems

Products:
  • Linux kernel
Versions: All versions through 5.17.1
Operating Systems: Linux distributions using affected kernel versions
Default Config Vulnerable: ✅ No
Notes: Only vulnerable if ems_usb CAN driver is loaded and being used.

📦 What is this software?

Debian Linux by Debian

View all CVEs affecting Debian Linux →

Debian Linux by Debian

View all CVEs affecting Debian Linux →

Debian Linux by Debian

View all CVEs affecting Debian Linux →

Fedora by Fedoraproject

View all CVEs affecting Fedora →

Fedora by Fedoraproject

View all CVEs affecting Fedora →

Fedora by Fedoraproject

View all CVEs affecting Fedora →

Hci Baseboard Management Controller by Netapp

View all CVEs affecting Hci Baseboard Management Controller →

Hci Baseboard Management Controller by Netapp

View all CVEs affecting Hci Baseboard Management Controller →

Hci Baseboard Management Controller by Netapp

View all CVEs affecting Hci Baseboard Management Controller →

Hci Baseboard Management Controller by Netapp

View all CVEs affecting Hci Baseboard Management Controller →

Hci Baseboard Management Controller by Netapp

View all CVEs affecting Hci Baseboard Management Controller →

Hci Baseboard Management Controller by Netapp

View all CVEs affecting Hci Baseboard Management Controller →

Hci Baseboard Management Controller by Netapp

View all CVEs affecting Hci Baseboard Management Controller →

Hci Baseboard Management Controller by Netapp

View all CVEs affecting Hci Baseboard Management Controller →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Local privilege escalation to kernel-level code execution leading to complete system compromise.

🟠

Likely Case

Kernel panic or system crash causing denial of service.

🟢

If Mitigated

Limited impact if driver not loaded or system not using CAN-USB devices.

🌐 Internet-Facing: LOW - Requires local access to exploit.
🏢 Internal Only: MEDIUM - Local attackers could exploit if driver is loaded.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Requires local access and knowledge of driver usage patterns.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Linux kernel 5.17.2 and later

Vendor Advisory: https://github.com/torvalds/linux/commit/c70222752228a62135cee3409dccefd494a24646

Restart Required: Yes

Instructions:

1. Update kernel to 5.17.2 or later. 2. Reboot system. 3. Verify kernel version with 'uname -r'.

🔧 Temporary Workarounds

Disable ems_usb driver

linux

Prevent loading of vulnerable driver module

echo 'blacklist ems_usb' >> /etc/modprobe.d/blacklist-ems_usb.conf
rmmod ems_usb

🧯 If You Can't Patch

  • Ensure ems_usb driver is not loaded (check with 'lsmod | grep ems_usb')
  • Restrict physical and local access to systems using CAN-USB devices

🔍 How to Verify

Check if Vulnerable:

Check kernel version with 'uname -r' and verify if <= 5.17.1, then check if ems_usb module is loaded with 'lsmod | grep ems_usb'

Check Version:

uname -r

Verify Fix Applied:

Verify kernel version is >= 5.17.2 with 'uname -r' and ensure ems_usb module is not loaded or updated

📡 Detection & Monitoring

Log Indicators:

  • Kernel oops messages
  • System crash/panic logs
  • CAN driver error messages

Network Indicators:

  • Unusual CAN bus traffic patterns

SIEM Query:

source="kernel" AND ("oops" OR "panic" OR "ems_usb")

📊 Metadata

CVE ID: CVE-2022-28390
CVSS v3 Score: 7.8 (HIGH)
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE: CWE-415
Published: April 3, 2022
Last Updated: June 25, 2025

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2022-28390, you might also want to check these:

CVE-2020-35885 9.8

This vulnerability in the alpm-rs Rust crate allows double-free memory corruption due to improper de...

Same vulnerability type (CWE-415)
CVE-2021-29940 9.8

This vulnerability in the Rust 'through' crate allows double-free memory corruption when the map fun...

Same vulnerability type (CWE-415)
CVE-2023-49937 9.8

This CVE describes a double-free vulnerability in SchedMD Slurm workload manager that allows attacke...

Same vulnerability type (CWE-415)