CVE-2022-49173
📋 TL;DR
A vulnerability in the Linux kernel's FSI SPI driver could cause denial of service through infinite polling loops. If the hardware enters a bad state, the driver may hang indefinitely while waiting for status updates, affecting systems using this specific SPI controller interface.
💻 Affected Systems
- Linux kernel with FSI SPI driver enabled
📦 What is this software?
Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
⚠️ Risk & Real-World Impact
Worst Case
Complete system hang requiring hard reboot, potentially causing data loss or service disruption in critical systems.
Likely Case
SPI communication failure leading to device malfunction or service interruption for hardware using this interface.
If Mitigated
Driver returns error instead of hanging, allowing system to handle the failure gracefully.
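The difference between the vulnerable and fixed behaviour, shown as an added illustration rather than the kernel's own spi-fsi code: an unbounded status poll that spins forever if the controller never clears BUSY, beside a bounded poll that gives up and returns -ETIMEDOUT. The simulated controller, its clock, and the 100 ms budget are constructed for this example and are not the driver's real values.

```c
#include <errno.h>
#define STATUS_BUSY      (1u << 0)
#define POLL_TIMEOUT_MS  100   /* assumed budget, not the driver's real value */

/* Constructed stand-in for the controller: BUSY clears after
 * reads_until_ready status reads, or never if that is negative. */
struct sim_spi {
    int reads_until_ready;
    unsigned long now_ms;   /* simulated clock, advanced per bus read */
};

static unsigned int sim_read_status(struct sim_spi *dev)
{
    dev->now_ms += 10;      /* each status read costs bus time */
    if (dev->reads_until_ready > 0) {
        dev->reads_until_ready--;
        return STATUS_BUSY;
    }
    return dev->reads_until_ready < 0 ? STATUS_BUSY : 0;  /* <0: stuck */
}

/* The pattern the advisory describes: spin until BUSY clears, with no
 * way out if it never does. A stuck device hangs the calling thread. */
static int wait_ready_unbounded(struct sim_spi *dev)
{
    while (sim_read_status(dev) & STATUS_BUSY)
        ;
    return 0;
}

/* Hardened form: same loop with a deadline. On expiry the driver returns
 * -ETIMEDOUT so the SPI core can fail the transfer instead of hanging. */
static int wait_ready_bounded(struct sim_spi *dev)
{
    unsigned long deadline = dev->now_ms + POLL_TIMEOUT_MS;
    while (sim_read_status(dev) & STATUS_BUSY) {
        if (dev->now_ms > deadline)
            return -ETIMEDOUT;
    }
    return 0;
}

/* Scenario helper: poll a device that becomes ready after n reads
 * (n < 0: never). Only the bounded wait is safe for the stuck case. */
static int poll_device(int n, int bounded)
{
    struct sim_spi dev = { .reads_until_ready = n, .now_ms = 0 };
    if (!bounded && n < 0)
        return -EINVAL;     /* refuse to demonstrate the hang */
    return bounded ? wait_ready_bounded(&dev) : wait_ready_unbounded(&dev);
}
```

A real driver would take the deadline from jiffies or ktime rather than a simulated clock, but the shape of the fix is the same: every polling loop on hardware state needs an exit that does not depend on the hardware cooperating.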
🎯 Exploit Status
Exploitation requires ability to trigger hardware faults in the SPI controller, which typically requires physical access or privileged software access.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Fixed in kernel commits: 89b35e3f28514087d3f1e28e8f5634fbfd07c554, d4982ceb137e6ecd2b466a6de639790a148cf19a, dac1438f347d3b8cf892105c94e254f29c5764de
Vendor Advisory: https://git.kernel.org/stable/c/89b35e3f28514087d3f1e28e8f5634fbfd07c554
Restart Required: Yes
Instructions:
1. Update the Linux kernel to a version containing the fix commits.
2. Rebuild the kernel if compiling from source.
3. Reboot the system to load the patched kernel.
🔧 Temporary Workarounds
Disable FSI SPI driver
Remove or disable the vulnerable driver module if not needed:
modprobe -r spi_fsi
echo 'blacklist spi_fsi' >> /etc/modprobe.d/blacklist.conf
🧯 If You Can't Patch
- Monitor system for SPI communication failures or unexpected hangs
- Implement watchdog timers to detect and recover from potential hangs
🔍 How to Verify
Check if Vulnerable:
Check if spi_fsi module is loaded: lsmod | grep spi_fsi
Check Version:
uname -r
Verify Fix Applied:
Check kernel version includes fix commits or verify driver returns errors instead of hanging on timeout
📡 Detection & Monitoring
Log Indicators:
- Kernel logs showing SPI timeout errors
- System watchdog reboots
- SPI device communication failures
Network Indicators:
- None - this is a local hardware interface issue
SIEM Query:
Search for: 'spi_fsi timeout' OR 'kernel panic' OR 'watchdog reboot' in system logs