CVE-2022-48984
📋 TL;DR
This vulnerability in the Linux kernel's slcan driver allows a NULL pointer dereference when a freed work queue is accessed, causing a kernel crash. It affects systems using the slcan CAN bus driver with specific timing conditions where the network device isn't set UP but the tty interface receives data. The vulnerability can lead to denial of service.
💻 Affected Systems
- Linux kernel
📦 What is this software?
Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →⚠️ Risk & Real-World Impact
Worst Case
Kernel panic leading to complete system crash and denial of service, potentially requiring physical access to restart affected systems.
Likely Case
System crash or kernel panic when specific conditions are met with slcan driver usage, resulting in temporary denial of service until system reboot.
If Mitigated
No impact if the slcan driver is not used or if systems are patched with the kernel fix.
🎯 Exploit Status
Exploitation requires specific timing conditions and access to trigger the slcan driver's work queue handling. The LTP test pty03 demonstrates the crash condition.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Linux kernel with commit 9e2709d58a14a10eb00d919acd7dec071c33f8c8 or later
Vendor Advisory: https://git.kernel.org/stable/c/9e2709d58a14a10eb00d919acd7dec071c33f8c8
Restart Required: Yes
Instructions:
1. Update Linux kernel to version containing the fix commit. 2. For distributions: Use package manager to update kernel package. 3. Reboot system to load new kernel.
🔧 Temporary Workarounds
Disable slcan module
linuxPrevent loading of the vulnerable slcan driver module
echo 'blacklist slcan' >> /etc/modprobe.d/blacklist.conf
rmmod slcan
Avoid slcan usage
linuxDo not use slcan driver for CAN bus communications
🧯 If You Can't Patch
- Ensure slcan driver is not loaded on critical systems
- Monitor systems for kernel crashes and implement rapid recovery procedures
🔍 How to Verify
Check if Vulnerable:
Check kernel version and if slcan module is loaded: uname -r && lsmod | grep slcanCheck Version:
uname -rVerify Fix Applied:
Verify kernel version includes fix commit: grep -q '9e2709d58a14a10eb00d919acd7dec071c33f8c8' /proc/version || echo 'Check kernel changelog'📡 Detection & Monitoring
Log Indicators:
- Kernel panic messages in /var/log/kern.log or dmesg
- NULL pointer dereference errors mentioning slcan or workqueue
Network Indicators:
- Unexpected system reboots on CAN bus connected systems
SIEM Query:
source="kernel" AND ("slcan" OR "NULL pointer dereference" OR "kernel panic")