CVE-2022-49195
📋 TL;DR
A NULL pointer dereference vulnerability in the Linux kernel's DSA (Distributed Switch Architecture) subsystem causes kernel panics during system shutdown when multi-chip switch trees fail to initialize properly. This affects systems using DSA for network switching with multiple switch chips. The vulnerability can lead to denial of service during shutdown procedures.
💻 Affected Systems
- Linux kernel with DSA subsystem
📦 What is this software?
Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →⚠️ Risk & Real-World Impact
Worst Case
Kernel panic during system shutdown, potentially causing data corruption or requiring manual intervention to recover the system.
Likely Case
System fails to shut down cleanly when DSA multi-chip configuration fails to probe correctly, requiring hard reset.
If Mitigated
Clean shutdown with proper patching or workarounds in place.
🎯 Exploit Status
Exploitation requires specific DSA configuration failure conditions and local system access to trigger shutdown.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Fixed in kernel commits: 8fd36358ce82382519b50b05f437493e1e00c4a9, 95df5cd5a446df6738d2d45872e08594819080e4, b6e668ff43ebd87ccc8a19e5481345c428672295, b864d5350c18bea9369d0bdd9e7eb6f6172cc283
Vendor Advisory: https://git.kernel.org/stable/c/8fd36358ce82382519b50b05f437493e1e00c4a9
Restart Required: Yes
Instructions:
1. Update Linux kernel to version containing the fix commits. 2. Check your distribution's security advisories for backported patches. 3. Reboot system after kernel update.
🔧 Temporary Workarounds
Avoid DSA multi-chip configurations
linuxDo not use DSA with multi-chip switch trees if possible
Use single-chip DSA configuration
linuxConfigure DSA to use single switch chip instead of multi-chip trees
🧯 If You Can't Patch
- Avoid using DSA multi-chip switch configurations
- Implement monitoring for system shutdown failures and have recovery procedures ready
🔍 How to Verify
Check if Vulnerable:
Check kernel version and if DSA multi-chip configuration is used: 'uname -r' and check DSA configuration in /sys/class/net/Check Version:
uname -rVerify Fix Applied:
Verify kernel version contains fix commits: 'uname -r' and check kernel changelog for the specific commits📡 Detection & Monitoring
Log Indicators:
- Kernel panic messages during shutdown
- NULL pointer dereference errors in kernel logs
- DSA probe failure messages
SIEM Query:
kernel.panic OR "NULL pointer dereference" AND "DSA" OR "dsa_switch_shutdown"