Login Sign Up

CVE-2022-48782

7.8 HIGH
Denial of Service

📋 TL;DR

This CVE describes a use-after-free vulnerability in the Linux kernel's MCTP (Management Component Transport Protocol) subsystem. When mctp_key_add() fails, memory is freed but then incorrectly accessed in trace_mctp_key_acquire(), potentially allowing local attackers to crash the system or execute arbitrary code. This affects systems running vulnerable Linux kernel versions with MCTP enabled.

💻 Affected Systems

Products:
  • Linux kernel
Versions: Specific affected versions not explicitly stated in CVE, but patches exist in stable kernel trees
Operating Systems: Linux distributions using vulnerable kernel versions
Default Config Vulnerable: ✅ No
Notes: Only vulnerable if MCTP subsystem is enabled/used. Many distributions may not have MCTP enabled by default.

📦 What is this software?

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Local privilege escalation to kernel-level code execution, potentially leading to complete system compromise.

🟠

Likely Case

Kernel panic or system crash causing denial of service.

🟢

If Mitigated

No impact if MCTP is disabled or system is patched.

🌐 Internet-Facing: LOW - This is a local vulnerability requiring access to the system.
🏢 Internal Only: MEDIUM - Internal attackers with local access could exploit this vulnerability.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Requires local access and MCTP functionality to be active. Exploitation would require triggering the specific code path.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Patched in stable kernel versions via commits 1dd3ecbec5f606b2a526c47925c8634b1a6bb81e and 7e5b6a5c8c44310784c88c1c198dde79f6402f7b

Vendor Advisory: https://git.kernel.org/stable/c/1dd3ecbec5f606b2a526c47925c8634b1a6bb81e

Restart Required: Yes

Instructions:

1. Update Linux kernel to patched version from your distribution's repositories. 2. Reboot system to load new kernel.

🔧 Temporary Workarounds

Disable MCTP subsystem

linux

Disable the MCTP kernel module if not required

echo 'blacklist mctp' >> /etc/modprobe.d/blacklist-mctp.conf
rmmod mctp

🧯 If You Can't Patch

  • Disable MCTP functionality if not required
  • Restrict local user access to systems where MCTP is enabled

🔍 How to Verify

Check if Vulnerable:

Check if MCTP module is loaded: lsmod | grep mctp. If loaded, check kernel version against patched versions.

Check Version:

uname -r

Verify Fix Applied:

Verify kernel version is updated and MCTP module loads without errors in dmesg.

📡 Detection & Monitoring

Log Indicators:

  • Kernel oops messages
  • System crashes/panics
  • dmesg errors related to MCTP or use-after-free

Network Indicators:

  • Not applicable - local vulnerability

SIEM Query:

Not applicable for network detection

📊 Metadata

CVE ID: CVE-2022-48782
CVSS v3 Score: 7.8 (HIGH)
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE: CWE-416
Published: July 16, 2024
Last Updated: November 21, 2024

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2022-48782, you might also want to check these:

CVE-2025-24085 10.0

This CVE describes a use-after-free vulnerability (CWE-416) in Apple operating systems that allows m...

Same vulnerability type (CWE-416)
CVE-2024-43102 10.0

This CVE describes a use-after-free vulnerability in FreeBSD's umtx (user mutex) subsystem where con...

Same vulnerability type (CWE-416)
CVE-2021-33796 10.0

CVE-2021-33796 is a use-after-free vulnerability in MuJS's regexp source property access that can le...

Same vulnerability type (CWE-416)