CVE-2022-48958
📋 TL;DR
A memory leak vulnerability in the Linux kernel's Aeroflex Gaisler Ethernet driver could allow local attackers to cause denial of service through resource exhaustion. The vulnerability occurs when DMA mapping fails during ring buffer initialization, leaving allocated sk_buff structures unfreed. Systems using the affected Ethernet driver are at risk.
💻 Affected Systems
- Linux kernel with Aeroflex Gaisler Ethernet driver (greth)
📦 What is this software?
Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →⚠️ Risk & Real-World Impact
Worst Case
Local attacker could exhaust kernel memory, causing system instability, crashes, or denial of service affecting all users and services on the system.
Likely Case
Local user with sufficient privileges could trigger the condition to degrade system performance or cause kernel panics.
If Mitigated
With proper access controls limiting local user privileges, impact is minimal as only privileged users could trigger the vulnerability.
🎯 Exploit Status
Requires local access and ability to trigger DMA mapping failures. No known public exploits exist.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Kernel versions containing the fix commits: 063a932b64db3317ec020c94466fe52923a15f60 and related stable commits
Vendor Advisory: https://git.kernel.org/stable/c/063a932b64db3317ec020c94466fe52923a15f60
Restart Required: Yes
Instructions:
1. Update Linux kernel to version containing the fix. 2. For distributions: Use package manager (apt/yum/dnf) to update kernel package. 3. Reboot system to load new kernel.
🔧 Temporary Workarounds
Disable affected driver
linuxRemove or blacklist the greth Ethernet driver if not needed
echo 'blacklist greth' >> /etc/modprobe.d/blacklist.conf
rmmod greth
🧯 If You Can't Patch
- Restrict local user access to prevent unprivileged users from triggering the vulnerability
- Monitor system memory usage and kernel logs for signs of memory exhaustion
🔍 How to Verify
Check if Vulnerable:
Check if greth module is loaded: lsmod | grep greth. Check kernel version against patched versions.Check Version:
uname -rVerify Fix Applied:
Verify kernel version is updated and greth module version matches patched kernel. Check dmesg for successful driver initialization.📡 Detection & Monitoring
Log Indicators:
- Kernel oops messages
- Memory allocation failures in dmesg
- System instability logs
Network Indicators:
- None - local vulnerability only
SIEM Query:
source="kernel" AND ("greth" OR "DMA mapping error" OR "skb leak")🔗 References
- https://git.kernel.org/stable/c/063a932b64db3317ec020c94466fe52923a15f60
- https://git.kernel.org/stable/c/223654e2e2c8d05347cd8e300f8d1ec6023103dd
- https://git.kernel.org/stable/c/87277bdf2c370ab2d07cfe77dfa9b37f82bbe1e5
- https://git.kernel.org/stable/c/99669d94ce145389f1d6f197e6e18ed50d43fb76
- https://git.kernel.org/stable/c/bfaa8f6c5b84b295dd73b0138b57c5555ca12b1c
- https://git.kernel.org/stable/c/c7adcbd0fd3fde1b19150c3e955fb4a30c5bd9b7
- https://git.kernel.org/stable/c/cb1e293f858e5e1152b8791047ed4bdaaf392189
- https://git.kernel.org/stable/c/dd62867a6383f78f75f07039394aac25924a3307
