CVE-2022-49060

5.5 MEDIUM

📋 TL;DR

A NULL pointer dereference vulnerability in the Linux kernel's SMC (Shared Memory Communications) networking subsystem allows local attackers to cause a kernel panic (denial of service). This affects Linux systems with SMC enabled, primarily enterprise servers using IBM Power or System z architectures.

💻 Affected Systems

Products:
  • Linux kernel
Versions: Specific affected versions not explicitly stated in CVE, but patches exist for multiple stable branches (see references).
Operating Systems: Linux distributions using vulnerable kernel versions
Default Config Vulnerable: ✅ No
Notes: Only vulnerable if SMC (Shared Memory Communications) is enabled and configured. SMC is typically used in IBM Power and System z environments.

📦 What is this software?

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

⚠️ Risk & Real-World Impact

🔴 Worst Case

Local attacker triggers kernel panic leading to system crash and denial of service, potentially disrupting critical services.

🟠 Likely Case

Local user or process causes system instability or crash through accidental or intentional triggering of the bug.

🟢 If Mitigated

Minimal impact if SMC is disabled or system has proper access controls limiting local user privileges.

🌐 Internet-Facing: LOW - Requires local access to exploit, not remotely exploitable.
🏢 Internal Only: MEDIUM - Local users or compromised processes could crash the system, affecting availability.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: LOW - Simple NULL pointer dereference that can be triggered by local users.

Exploitation requires local access and ability to interact with SMC networking functionality.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Multiple stable kernel versions with fixes available (see git.kernel.org references in CVE).

Vendor Advisory: https://git.kernel.org/stable/c/22025513ced3d599ee8b24169141c95cf2467a4a

Restart Required: Yes

Instructions:

1. Update Linux kernel to patched version from your distribution vendor.
2. Reboot system to load new kernel.
3. Verify kernel version after reboot.

🔧 Temporary Workarounds

Disable SMC module

linux

Prevent loading of the vulnerable SMC kernel module if not required.

echo 'install smc /bin/false' >> /etc/modprobe.d/disable-smc.conf
rmmod smc

🧯 If You Can't Patch

  • Restrict local user access to systems using mandatory access controls or privilege separation.
  • Monitor system logs for kernel panic events and implement redundancy for critical services.

🔍 How to Verify

Check if Vulnerable:

Check if SMC module is loaded: lsmod | grep smc. If loaded and kernel version is unpatched, system may be vulnerable.

Check Version:

uname -r

Verify Fix Applied:

Verify kernel version matches patched version from your distribution and SMC module functions without crashes.

📡 Detection & Monitoring

Log Indicators:

  • Kernel panic messages in /var/log/messages or dmesg
  • NULL pointer dereference errors mentioning smc_pnet_find_ib()

Network Indicators:

  • Unusual SMC protocol activity from local users

SIEM Query:

source="kernel" AND ("NULL pointer dereference" OR "kernel panic") AND "smc"
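The checks and log indicators above, combined into shell helpers. This is an added example, not part of the advisory or the kernel project; the function names and the sample log are constructed for illustration. A kernel oops spans several lines, so the log scan correlates "NULL pointer dereference" with smc_pnet_find_ib inside a line window, which a query matching both strings in one event can miss when each line is ingested as its own event.

```shell
#!/bin/sh
# Added example: triage helpers for CVE-2022-49060 (hypothetical names).
# File arguments default to the live system; pass other paths for testing.

# Succeeds if the smc module appears in a /proc/modules-format file.
smc_loaded() {
    grep -qs '^smc ' "${1:-/proc/modules}"
}

# Succeeds if a modprobe.d directory holds the "install smc /bin/false"
# rule from the workaround above.
smc_blocked() {
    grep -Eqs '^[[:space:]]*install[[:space:]]+smc[[:space:]]+/bin/false' \
        "${1:-/etc/modprobe.d}"/*.conf
}

# Count oops reports in log file $1 where "NULL pointer dereference" is
# followed within $2 lines (default 30) by smc_pnet_find_ib.
smc_oops_count() {
    awk -v window="${2:-30}" '
        /NULL pointer dereference/ { left = window; next }
        left > 0 {
            left--
            if (/smc_pnet_find_ib/) { hits++; left = 0 }
        }
        END { print hits + 0 }
    ' "$1"
}

# Constructed sample log (illustrative x86-style oops, not captured output).
sample_log() {
    cat <<'EOF'
kernel: usb 1-1: new high-speed USB device number 2
kernel: BUG: kernel NULL pointer dereference, address: 0000000000000000
kernel: Oops: 0000 [#1] SMP
kernel: RIP: 0010:smc_pnet_find_ib+0x0/0x0 [smc]
kernel: BUG: kernel NULL pointer dereference, address: 0000000000000008
kernel: RIP: 0010:some_other_func+0x0/0x0
EOF
}
```

Source the file and run, for example, `smc_oops_count /var/log/messages`; a host where `smc_loaded` succeeds and `smc_blocked` fails still needs the kernel update or the workaround.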

🔗 References
