CVE-2022-48909

5.5 MEDIUM

📋 TL;DR

This CVE describes a connection leak vulnerability in the Linux kernel's SMC (Shared Memory Communications) subsystem. When specific race conditions occur during connection establishment, TCP connections may not be properly terminated, leading to resource exhaustion. This affects Linux systems using the SMC protocol.

💻 Affected Systems

Products:
  • Linux kernel
Versions: Kernel versions with SMC support before the fix commits
Operating Systems: Linux distributions with vulnerable kernel versions
Default Config Vulnerable: ✅ No
Notes: Only affects systems with SMC protocol enabled and in use. SMC is not enabled by default in most distributions.

📦 What is this software?

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

⚠️ Risk & Real-World Impact

🔴 Worst Case: Denial of service through connection pool exhaustion, potentially causing system instability or service unavailability.
🟠 Likely Case: Gradual resource consumption leading to degraded performance over time.
🟢 If Mitigated: Minimal impact with proper monitoring and connection limits in place.

🌐 Internet-Facing: LOW - SMC is typically used in internal/high-performance computing environments, not internet-facing services.
🏢 Internal Only: MEDIUM - Affects internal systems using SMC protocol for high-performance networking.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: NO
Unauthenticated Exploit: ✅ No
Complexity: HIGH

Exploitation requires specific race conditions during SMC connection establishment, making reliable exploitation difficult.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Kernel versions containing commits 2e8d465b83db, 80895b6f9154, 9f1c50cf3916, or e98d46ccfa84

Vendor Advisory: https://git.kernel.org/stable/c/2e8d465b83db307f04ad265848f8ab3f78f6918f

Restart Required: Yes

Instructions:

1. Update Linux kernel to patched version from your distribution vendor.
2. Reboot system to load new kernel.

🔧 Temporary Workarounds

Disable SMC protocol

Disable the SMC protocol if not required for your environment

echo 0 > /proc/sys/net/smc/smc_hs_crt_setting
echo 0 > /proc/sys/net/smc/smc_ism_crt_setting

🧯 If You Can't Patch

  • Monitor connection counts and system resources for abnormal consumption
  • Implement connection limits and timeouts for SMC connections
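
One way to act on the monitoring advice above and on the note that only hosts with SMC in use are affected. This is an added example, not part of the advisory or of any vendor tooling. It assumes the "sockets" column of /proc/net/protocols can stand in for the SMC connection count; the function names, sample data and growth threshold are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the advisory): SMC exposure and socket-growth check.
# Assumption: the "sockets" column of /proc/net/protocols stands in for the
# SMC connection count the advisory says to monitor.

# Constructed sample in /proc/net/protocols layout (columns shortened).
sample_protocols() {
cat <<'EOF'
protocol  size sockets  memory press maxhdr  slab module
SMC6      1448      3      -1   NI       0   no   smc
SMC       1448     12      -1   NI       0   no   smc
TCP       2432     41       7   no     320   yes  kernel
EOF
}

# smc_sockets: read protocols text on stdin; print "absent" when no SMC
# proto is registered (host not exposed), otherwise the summed SMC + SMC6
# socket count.
smc_sockets() {
    awk '$1 == "SMC" || $1 == "SMC6" { seen = 1; n += $3 }
         END { if (seen) print n; else print "absent" }'
}

# growth_alert MIN_GROWTH COUNT...: print "alert" when the numeric samples
# never decrease and the last exceeds the first by at least MIN_GROWTH,
# otherwise print "ok". Pass only numeric counts, oldest first.
growth_alert() {
    min=$1; shift
    first=$1; prev=$1
    for c in "$@"; do
        [ "$c" -lt "$prev" ] && { echo ok; return 0; }
        prev=$c
    done
    if [ $((prev - first)) -ge "$min" ]; then echo alert; else echo ok; fi
}

# Live use: report the current value when the file is readable.
if [ -r /proc/net/protocols ]; then
    echo "SMC sockets now: $(smc_sockets < /proc/net/protocols)"
fi
```

Collect one `smc_sockets` value per interval (for example from cron) and pass the recent window to `growth_alert`; a count that only ever rises while application load is flat is the pattern worth investigating.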

🔍 How to Verify

Check if Vulnerable:

Check the kernel version and whether SMC is enabled: uname -r && cat /proc/sys/net/smc/smc_hs_crt_setting

Check Version:

uname -r

Verify Fix Applied:

Verify kernel version contains fix commits and test SMC connection cleanup

📡 Detection & Monitoring

Log Indicators:

  • Kernel logs showing SMC connection establishment failures
  • System logs showing increasing connection counts

Network Indicators:

  • Unusually persistent SMC connections
  • Failed connection cleanup attempts

SIEM Query:

source="kernel" AND "SMC" AND ("connection" OR "leak")
