CVE-2022-49275
📋 TL;DR
This is a use-after-free vulnerability in the Linux kernel's CAN (Controller Area Network) subsystem affecting m_can drivers. It allows attackers with local access to potentially crash the system or execute arbitrary code by exploiting improper skb (socket buffer) handling during transmission. Systems running affected Linux kernel versions with CAN hardware are vulnerable.
💻 Affected Systems
- Linux kernel
📦 What is this software?
Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →⚠️ Risk & Real-World Impact
Worst Case
Local privilege escalation to kernel-level code execution, leading to complete system compromise and potential persistence.
Likely Case
Kernel panic or system crash causing denial of service, potentially requiring physical intervention to restart.
If Mitigated
No impact if CAN interfaces are disabled or unused, or if proper access controls prevent local user exploitation.
🎯 Exploit Status
Requires local access and knowledge of CAN subsystem exploitation. Use-after-free vulnerabilities can be challenging to exploit reliably.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Kernel versions with commits: 08d90846e438ac22dc56fc49ec0b0d195831c5ed, 2e8e79c416aae1de224c0f1860f2e3350fa171f8, 31417073493f302d26ab66b3abc098d43227b835, 4db7d6f481990dd179a9ee7126dc7aa31ea4fff3, 7728d937ec403a1ceff9483023252d2cb8777f81
Vendor Advisory: https://git.kernel.org/stable/c/
Restart Required: Yes
Instructions:
1. Update Linux kernel to patched version from your distribution vendor. 2. Reboot system to load new kernel. 3. Verify kernel version after reboot.
🔧 Temporary Workarounds
Disable CAN subsystem
allUnload m_can drivers and disable CAN interfaces if not needed
sudo rmmod m_can
sudo modprobe -r m_can
sudo systemctl disable can* services if applicable
Restrict local access
allImplement strict access controls to prevent unauthorized local users
sudo userdel unauthorized_user
sudo passwd -l suspicious_account
🧯 If You Can't Patch
- Disable CAN hardware interfaces in BIOS/UEFI if possible
- Implement strict mandatory access controls (SELinux/AppArmor) to limit kernel exploitation impact
🔍 How to Verify
Check if Vulnerable:
Check if m_can module is loaded: lsmod | grep m_can AND check kernel version against vulnerable rangesCheck Version:
uname -rVerify Fix Applied:
Verify kernel version is updated AND m_can module loads without errors in dmesg📡 Detection & Monitoring
Log Indicators:
- Kernel oops messages in dmesg
- CAN subsystem crashes in system logs
- Unexpected m_can module reloads
Network Indicators:
- Unusual CAN bus traffic patterns if monitored
SIEM Query:
source="kernel" AND ("m_can" OR "CAN" OR "use-after-free") AND severity=high🔗 References
- https://git.kernel.org/stable/c/08d90846e438ac22dc56fc49ec0b0d195831c5ed
- https://git.kernel.org/stable/c/2e8e79c416aae1de224c0f1860f2e3350fa171f8
- https://git.kernel.org/stable/c/31417073493f302d26ab66b3abc098d43227b835
- https://git.kernel.org/stable/c/4db7d6f481990dd179a9ee7126dc7aa31ea4fff3
- https://git.kernel.org/stable/c/7728d937ec403a1ceff9483023252d2cb8777f81
- https://git.kernel.org/stable/c/869016a2938ac44f7b2fb7fc22c89edad99eb9b3
- https://git.kernel.org/stable/c/d3892a747ab16b1eb6593a19d29f62c3b3f020ac
- https://git.kernel.org/stable/c/d93ed9aff64968f4cdad690712eb4f48ae537bde
- https://git.kernel.org/stable/c/f43e64076ff1b1dcb893fb77ad1204105f710a29
