CVE-2022-48674
📋 TL;DR
This is a use-after-free vulnerability in the Linux kernel's EROFS filesystem implementation that occurs specifically on UP (Uniprocessor) platforms. It allows an attacker to cause memory corruption, potentially leading to system crashes or arbitrary code execution with kernel privileges. Systems running affected Linux kernel versions with EROFS enabled are vulnerable.
💻 Affected Systems
- Linux kernel
📦 What is this software?
Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
⚠️ Risk & Real-World Impact
Worst Case
Kernel privilege escalation leading to full system compromise, denial of service through system crashes, or data corruption.
Likely Case
System instability, crashes, or denial of service when EROFS filesystems are under stress on UP systems.
If Mitigated
Minimal impact if EROFS is not used or systems are patched; UP systems are rare in production environments.
🎯 Exploit Status
Exploitation requires local access and ability to trigger EROFS operations. The race condition makes timing-dependent exploitation challenging but possible.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Fixed in kernel commits: 2f44013e39984c127c6efedf70e6b5f4e9dcf315, 8ddd001cef5e82d19192e6861068463ecca5f556, 94c34faaafe7b55adc2d8d881db195b646959b9e
Vendor Advisory: https://git.kernel.org/stable/c/2f44013e39984c127c6efedf70e6b5f4e9dcf315
Restart Required: Yes
Instructions:
1. Update the Linux kernel to a version containing the fix commits.
2. Check your distribution's security advisories for specific patched kernel versions.
3. Reboot the system after the kernel update.
🔧 Temporary Workarounds
Disable EROFS support
Remove EROFS filesystem support from the kernel configuration if it is not needed
Rebuild kernel with CONFIG_EROFS_FS=n
Use SMP configuration
Enable SMP (CONFIG_SMP=y) if the hardware supports it, as the vulnerability only affects UP platforms
Rebuild kernel with CONFIG_SMP=y
🧯 If You Can't Patch
- Avoid using EROFS filesystems on vulnerable systems
- Restrict local user access to systems running vulnerable kernels
- Monitor for system crashes or unusual behavior related to filesystem operations
🔍 How to Verify
Check if Vulnerable:
Check kernel version and configuration:
1. Run 'uname -r' to check the kernel version.
2. Check if CONFIG_SMP is disabled and CONFIG_EROFS_FS is enabled in /boot/config-$(uname -r) or /proc/config.gz.
Check Version:
uname -r
Verify Fix Applied:
Verify kernel version is patched by checking if it includes the fix commits or is newer than vulnerable versions. Check with 'uname -r' and compare with distribution security advisories.
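The configuration check from "Check if Vulnerable", written as a script. This is an added example, not part of the original advisory or of the kernel project; the function names are made up for illustration. It reports only whether the UP-plus-EROFS combination is present, not whether the fix commits are applied.

```shell
#!/bin/sh
# Added example: classify a kernel config for the combination this advisory
# names (UP build with EROFS enabled). It does not tell you whether the fix
# commits are present; compare the kernel version with your distribution's advisory.

# read_config FILE: print config text, decompressing /proc/config.gz-style files.
read_config() {
    case "$1" in
        *.gz) gzip -dc "$1" ;;
        *)    cat "$1" ;;
    esac
}

# config_enabled FILE SYMBOL: succeed if SYMBOL is set to y (built in) or m (module).
# A disabled symbol appears as "# SYMBOL is not set" or is absent, so it never matches.
config_enabled() {
    read_config "$1" | grep -Eq "^$2=(y|m)\$"
}

# erofs_up_exposure FILE: print a verdict.
# Returns 0 = UP kernel with EROFS, 1 = combination absent, 2 = config unreadable.
erofs_up_exposure() {
    [ -r "$1" ] || { echo "unknown: cannot read $1"; return 2; }
    if ! config_enabled "$1" CONFIG_EROFS_FS; then
        echo "not exposed: EROFS is not enabled"; return 1
    fi
    if config_enabled "$1" CONFIG_SMP; then
        echo "not exposed: SMP kernel"; return 1
    fi
    echo "exposed configuration: UP kernel with EROFS enabled"; return 0
}

# locate_running_config: print the first readable config for the running kernel.
locate_running_config() {
    for f in "/boot/config-$(uname -r)" /proc/config.gz; do
        if [ -r "$f" ]; then echo "$f"; return 0; fi
    done
    return 1
}

# Report on the running kernel when its config is available.
if cfg=$(locate_running_config); then
    erofs_up_exposure "$cfg" || true
else
    echo "unknown: no kernel config found for $(uname -r)"
fi
```

To audit an image or a fleet, call `erofs_up_exposure` on each extracted config file and act on the return code.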
📡 Detection & Monitoring
Log Indicators:
- Kernel panic messages
- KASAN reports of use-after-free in erofs functions
- System crashes during filesystem operations
- Messages related to EROFS in dmesg or kernel logs
Network Indicators:
- None - this is a local vulnerability
SIEM Query:
Search for: kernel panic, KASAN, use-after-free, erofs, pcluster in system logs
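The keyword search above, turned into a tiered triage filter so that a KASAN use-after-free report naming an EROFS symbol stands out from routine EROFS messages. This is an added example, not part of the original advisory; the log lines, symbol names and tier labels are constructed for the demonstration.

```shell
#!/bin/sh
# Added example: triage kernel log lines using the indicators listed above.

# classify_kernel_log: read log lines on stdin, print "<TIER> <line>" for each hit.
#   HIGH   KASAN use-after-free report that names an erofs/pcluster symbol
#   MEDIUM kernel panic, or a KASAN use-after-free report elsewhere in the kernel
#   INFO   any other line mentioning erofs (mounts, routine messages)
classify_kernel_log() {
    awk '{
        l = tolower($0)
        erofs = (l ~ /erofs|pcluster/)
        uaf   = (l ~ /kasan/ && l ~ /use-after-free/)
        if (uaf && erofs)                   print "HIGH " $0
        else if (uaf || l ~ /kernel panic/) print "MEDIUM " $0
        else if (erofs)                     print "INFO " $0
    }'
}

# count_tier TIER: count classified lines (stdin) in the given tier.
count_tier() {
    grep -c "^$1 " || true
}

# Constructed sample log; symbol names and timestamps are made up for the demo.
sample_log() {
    cat <<'EOF'
[  101.000001] erofs: (device loop0): mounted with root inode @ nid 36.
[  212.340112] BUG: KASAN: use-after-free in z_erofs_sample_fn+0x1a0/0x2f0
[  212.340980] Kernel panic - not syncing: Fatal exception
[  305.118400] BUG: KASAN: use-after-free in sample_other_driver_fn+0x44/0x90
[  400.000000] EXT4-fs (sda1): mounted filesystem
EOF
}

sample_log | classify_kernel_log
```

On a live host, feed it `dmesg` or the kernel journal instead of `sample_log`; KASAN reports appear only on kernels built with KASAN enabled.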
🔗 References
- https://git.kernel.org/stable/c/2f44013e39984c127c6efedf70e6b5f4e9dcf315
- https://git.kernel.org/stable/c/8ddd001cef5e82d19192e6861068463ecca5f556
- https://git.kernel.org/stable/c/94c34faaafe7b55adc2d8d881db195b646959b9e