CVE-2022-49458
📋 TL;DR
A race condition vulnerability in the Linux kernel's MSM DRM driver where msm_drm_uninit() could attempt to free an IRQ that was never requested during error handling. This causes a kernel warning and potential system instability. Affects Linux systems using Qualcomm MSM graphics drivers.
💻 Affected Systems
- Linux kernel with MSM DRM driver
📦 What is this software?
Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →⚠️ Risk & Real-World Impact
Worst Case
Kernel panic or system crash leading to denial of service, potentially disrupting device functionality.
Likely Case
Kernel warning messages in logs and minor system instability during driver initialization failures.
If Mitigated
No impact if error doesn't occur during driver initialization or if patch is applied.
🎯 Exploit Status
Requires triggering driver initialization failure conditions, typically needs local access or ability to load/unload kernel modules.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Linux kernel with commits 577e2a9dfc8fba7938aaf75db63fae7e328cc3cb or equivalent stable backports
Vendor Advisory: https://git.kernel.org/stable/c/577e2a9dfc8fba7938aaf75db63fae7e328cc3cb
Restart Required: Yes
Instructions:
1. Update Linux kernel to version containing the fix. 2. Reboot system. 3. Verify kernel version with 'uname -r'.
🔧 Temporary Workarounds
Disable MSM DRM driver
linuxPrevent loading of vulnerable driver module if not required
echo 'blacklist msm' >> /etc/modprobe.d/blacklist.conf
update-initramfs -u
reboot
🧯 If You Can't Patch
- Monitor kernel logs for 'Trying to free already-free IRQ' warnings
- Ensure proper error handling in applications that interact with graphics drivers
🔍 How to Verify
Check if Vulnerable:
Check kernel version and if MSM DRM driver is loaded: 'lsmod | grep msm' and 'uname -r'Check Version:
uname -rVerify Fix Applied:
Verify kernel version includes fix commits and no 'Trying to free already-free IRQ' warnings appear in dmesg📡 Detection & Monitoring
Log Indicators:
- Kernel log messages containing 'Trying to free already-free IRQ' and backtrace similar to provided example
Network Indicators:
- None - local vulnerability only
SIEM Query:
source="kernel" AND "Trying to free already-free IRQ"