CVE-2022-49262
📋 TL;DR
A NULL pointer dereference vulnerability in the Linux kernel's octeontx2 crypto driver allows local attackers to cause a kernel panic (denial of service) when dm-crypt is enabled. This affects systems using Cavium/OCTEON TX2 processors with the vulnerable driver loaded. The vulnerability requires local access to trigger.
💻 Affected Systems
- Linux kernel with octeontx2 crypto driver
📦 What is this software?
Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →⚠️ Risk & Real-World Impact
Worst Case
Local attacker causes complete system crash/kernel panic, leading to denial of service and potential data loss from unsaved work.
Likely Case
System crash requiring reboot, causing temporary service disruption.
If Mitigated
No impact if proper access controls prevent local users from loading/unloading kernel modules.
🎯 Exploit Status
Exploitation requires local access and ability to trigger driver operations with dm-crypt enabled.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Fixed in kernel commits: 2d841af23ae8f398c85dd1ff2dc24b5ec8ba4569, a1bf728f3388ac3a2c2dffa57e25622e90b9f6f2, a462214866eebbca87e13ff6d73092b1c4895624, e6374086f249295121384bfaa7cdcc8d461146f0
Vendor Advisory: https://git.kernel.org/stable/c/2d841af23ae8f398c85dd1ff2dc24b5ec8ba4569
Restart Required: Yes
Instructions:
1. Update Linux kernel to version containing the fix commits. 2. Rebuild kernel if compiling from source. 3. Reboot system to load patched kernel.
🔧 Temporary Workarounds
Disable octeontx2 crypto driver
linuxPrevent loading of vulnerable driver module
echo 'blacklist octeontx2_cpt' >> /etc/modprobe.d/blacklist.conf
rmmod octeontx2_cpt
Disable dm-crypt
linuxRemove CONFIG_DM_CRYPT from kernel configuration
Edit kernel config to remove CONFIG_DM_CRYPT=y and rebuild kernel
🧯 If You Can't Patch
- Restrict local user access to prevent loading/unloading kernel modules
- Implement strict access controls to limit who can interact with crypto subsystems
🔍 How to Verify
Check if Vulnerable:
Check if octeontx2_cpt driver is loaded: lsmod | grep octeontx2_cpt. Check kernel version against patched versions.Check Version:
uname -rVerify Fix Applied:
Verify kernel version includes fix commits. Check that driver operates normally with dm-crypt enabled.📡 Detection & Monitoring
Log Indicators:
- Kernel panic messages mentioning NULL pointer dereference at 0x8
- Call trace including crypto_unregister_alg, otx2_cpt_crypto_exit
- System crash/reboot logs
Network Indicators:
- None - local vulnerability only
SIEM Query:
source="kernel" AND ("NULL pointer dereference" OR "otx2_cpt" OR "crypto_unregister_alg")