CVE-2022-49433

5.5 MEDIUM

📋 TL;DR

This vulnerability in the Linux kernel's RDMA hfi1 driver is a use-before-initialization condition: when device probe fails, a lock is accessed before it has been properly initialized. It affects systems using InfiniBand hardware with the hfi1 driver. The issue can cause kernel panics or system instability during device initialization failures.

💻 Affected Systems

Products:
  • Linux kernel with hfi1 RDMA driver
Versions: Linux kernel versions before the fix commits (specific versions vary by distribution)
Operating Systems: Linux distributions with affected kernel versions
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects systems using Intel Omni-Path or InfiniBand hardware with hfi1 driver loaded.

📦 What is this software?

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...


⚠️ Risk & Real-World Impact

🔴 Worst Case: Kernel panic leading to system crash and denial of service during device initialization failures.

🟠 Likely Case: System instability or crash when hfi1 driver fails to initialize properly, requiring reboot.

🟢 If Mitigated: Minor system disruption during device initialization failures with proper error handling.

🌐 Internet-Facing: LOW - Requires local access to trigger device initialization failures.
🏢 Internal Only: MEDIUM - Could be triggered by privileged users or during system maintenance operations.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: NO
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Requires ability to trigger hfi1 device probe failure, typically requiring privileged access or specific hardware conditions.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Fixed in kernel commits: 05c03dfd09c069c4ffd783b47b2da5dcc9421f2c and related backports

Vendor Advisory: https://git.kernel.org/stable/c/05c03dfd09c069c4ffd783b47b2da5dcc9421f2c

Restart Required: Yes

Instructions:

1. Update Linux kernel to version containing the fix.
2. Check distribution-specific security advisories.
3. Reboot system to load patched kernel.

🔧 Temporary Workarounds

Disable hfi1 driver (Linux)

Prevent loading of the vulnerable hfi1 driver if it is not needed:

echo 'blacklist hfi1' >> /etc/modprobe.d/blacklist.conf
rmmod hfi1

🧯 If You Can't Patch

  • Ensure proper hardware initialization and avoid triggering device probe failures
  • Monitor system logs for hfi1 initialization errors and restart affected systems

🔍 How to Verify

Check if Vulnerable:

Check kernel version and if hfi1 module is loaded: lsmod | grep hfi1 && uname -r

Check Version:

uname -r

Verify Fix Applied:

Verify kernel version is patched and check dmesg for absence of lockdep warnings during hfi1 initialization

📡 Detection & Monitoring

Log Indicators:

  • Kernel messages about lockdep warnings
  • hfi1 initialization failures
  • Call traces mentioning sdma_clean or hfi1_free_devdata

Network Indicators:

  • None - local kernel issue

SIEM Query:

source="kernel" AND ("lockdep" OR "hfi1" OR "sdma_clean")
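
The SIEM query above matches any kernel line that mentions hfi1, which is noisy on hosts that use the driver. The following triage script is an added example, not part of the advisory or the kernel project: it reports a match only when a trace frame naming sdma_clean or hfi1_free_devdata appears alongside a lockdep or hfi1 failure line. The function names and sample log lines are constructed for illustration; the "non-static key" pattern is assumed as the wording lockdep uses when a lock was never initialized.

```shell
#!/bin/sh
# Added example: triage kernel log text for the log indicators listed above.
# Reads log text on stdin and prints one verdict word:
#   match  - a trace frame (sdma_clean / hfi1_free_devdata) together with
#            a lockdep warning or an hfi1 failure line
#   review - only one class of indicator is present
#   clean  - none of the indicators are present
hfi1_lock_triage() {
    awk '
        /sdma_clean|hfi1_free_devdata/          { trace++ }
        tolower($0) ~ /lockdep|non-static key/  { lockdep++ }
        /hfi1/ && tolower($0) ~ /fail|error/    { initfail++ }
        END {
            if (trace && (lockdep || initfail)) print "match"
            else if (trace || lockdep || initfail) print "review"
            else print "clean"
        }'
}

# Constructed sample: probe failure with the lock used in the cleanup path.
# Timestamps, offsets and the PCI address are made up.
sample_affected() {
    cat <<'EOF'
[   12.100001] INFO: trying to register non-static key.
[   12.100050] Call Trace:
[   12.100120]  sdma_clean+0x0/0x0 [hfi1]
[   12.100130]  hfi1_free_devdata+0x0/0x0 [hfi1]
[   12.100300] hfi1: probe of 0000:3b:00.0 failed with error -22
EOF
}

# Constructed sample: lines the broad OR query would hit but that show
# no sign of this issue (healthy hfi1 line, unrelated driver failure).
sample_noise() {
    cat <<'EOF'
[    9.000001] hfi1 0000:3b:00.0: hfi1_0: device initialized
[   15.000001] e1000e: probe of 0000:00:1f.6 failed with error -5
EOF
}

echo "affected sample: $(sample_affected | hfi1_lock_triage)"
echo "noise sample:    $(sample_noise | hfi1_lock_triage)"
```

On a live host, feed it the kernel log instead of the samples, for example `dmesg | hfi1_lock_triage` or `journalctl -k | hfi1_lock_triage`.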
