CVE-2022-49492
📋 TL;DR
A NULL pointer dereference vulnerability in the Linux kernel's NVMe driver allows local attackers to cause a kernel panic (denial of service) by triggering an error condition during NVMe controller initialization. This affects systems using NVMe storage devices with vulnerable kernel versions. Attackers need local access to exploit this vulnerability.
💻 Affected Systems
- Linux kernel
📦 What is this software?
Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
⚠️ Risk & Real-World Impact
Worst Case
Kernel panic leading to system crash and denial of service, potentially causing data loss or service disruption.
Likely Case
System crash requiring reboot when a malicious local user triggers the error condition during NVMe initialization.
If Mitigated
No impact if patched or if NVMe devices are not present/used.
🎯 Exploit Status
Requires local access and ability to trigger NVMe controller error conditions. Not trivial to exploit reliably.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Kernel versions with commit 54a4c1e47d1b2585e74920399455bd9abbfb2bd7 or later
Vendor Advisory: https://git.kernel.org/stable/c/54a4c1e47d1b2585e74920399455bd9abbfb2bd7
Restart Required: Yes
Instructions:
1. Update Linux kernel to patched version from your distribution.
2. For custom kernels: apply commit 54a4c1e47d1b2585e74920399455bd9abbfb2bd7.
3. Reboot system to load new kernel.
🔧 Temporary Workarounds
Disable NVMe devices
Remove or disable NVMe storage devices to prevent the vulnerable code path from being triggered.
echo 1 > /sys/bus/pci/devices/[NVMe-device-ID]/remove
Blacklist nvme module
Prevent the nvme driver from loading at boot.
echo 'blacklist nvme' >> /etc/modprobe.d/blacklist.conf
🧯 If You Can't Patch
- Restrict local user access to prevent malicious users from triggering the vulnerability
- Implement strict process isolation and privilege separation to limit attack surface
🔍 How to Verify
Check if Vulnerable:
Check the kernel version and whether NVMe devices are present: 'uname -r' and 'lspci | grep -i nvme'
Check Version:
uname -r
Verify Fix Applied:
Verify kernel version is patched and check dmesg for NVMe initialization errors after reboot
📡 Detection & Monitoring
Log Indicators:
- Kernel panic messages in dmesg/system logs
- NULL pointer dereference errors related to nvme_alloc_admin_tags
Network Indicators:
- None - local vulnerability only
SIEM Query:
source="kernel" AND ("NULL pointer dereference" OR "kernel panic") AND "nvme"
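The log indicators above are normally written as separate lines of one oops report, so a per-line match on the query's terms can miss them when each kernel log line is ingested as its own event. The following added example (not part of the original advisory) groups lines into reports before matching; the function names, the 40-line window and the sample log are assumptions constructed for illustration.

```shell
# Added example, not from the advisory. The sample log below is constructed.
# scan_nvme_oops [window]: read kernel log text on stdin and print one line
# per oops/panic report that also references nvme. Exit status 1 if none.
# window (assumed default 40) caps how many lines after the banner count as
# the same report when no "end trace" marker is seen.
scan_nvme_oops() {
    awk -v window="${1:-40}" '
        function close_report() {
            if (in_report && nvme) {
                hits++
                printf "nvme oops at log line %d (nvme_alloc_admin_tags: %s): %s\n", start, (tags ? "yes" : "no"), banner
            }
            in_report = 0; nvme = 0; tags = 0
        }
        {
            line = tolower($0)
            if (!in_report && line ~ /null pointer dereference|kernel panic/) {
                in_report = 1; start = NR; banner = $0
            }
            if (in_report) {
                if (line ~ /nvme/) nvme = 1
                if (line ~ /nvme_alloc_admin_tags/) tags = 1
                if (line ~ /end trace/ || NR - start >= window) close_report()
            }
        }
        END { close_report(); exit (hits ? 0 : 1) }
    '
}

# Count lines that satisfy the query terms on their own (one event per line).
single_line_matches() {
    grep -i -E 'null pointer dereference|kernel panic' | grep -i -c 'nvme' || true
}

# Constructed sample: an unrelated oops, then an oops in the nvme driver.
sample_log() {
    cat <<'EOF'
[    2.000000] BUG: kernel NULL pointer dereference, address: 0000000000000010
[    2.000100]  example_unrelated_fn+0x0/0x0 [example]
[    2.000200] ---[ end trace 0000000000000000 ]---
[    3.100000] nvme nvme0: pci function 0000:01:00.0
[    3.200000] BUG: kernel NULL pointer dereference, address: 0000000000000000
[    3.200100]  nvme_alloc_admin_tags+0x0/0x0 [nvme]
[    3.200200] ---[ end trace 0000000000000000 ]---
[    3.200300] Kernel panic - not syncing: Fatal exception
EOF
}

sample_log | scan_nvme_oops
```

On a live host the same function can be fed from `dmesg` or `journalctl -k`; the unrelated oops in the sample is ignored because no nvme symbol appears inside its report.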
🔗 References
- https://git.kernel.org/stable/c/54a4c1e47d1b2585e74920399455bd9abbfb2bd7
- https://git.kernel.org/stable/c/7a28556082d1fbcbc599baf1c24252dfc73efefc
- https://git.kernel.org/stable/c/8321b17789f614414206af07e17ce4751c95dc76
- https://git.kernel.org/stable/c/8da2b7bdb47e94bbc4062a3978c708926bcb022c
- https://git.kernel.org/stable/c/906c81dba8ee8057523859b5e1a2479e9fd34860
- https://git.kernel.org/stable/c/9e649471b396fa0139d53919354ce1eace9b9a24
- https://git.kernel.org/stable/c/af98940dd33c9f9e1beb4f71c0a39260100e2a65
- https://git.kernel.org/stable/c/da42761181627e9bdc37d18368b827948a583929
- https://git.kernel.org/stable/c/f76729662650cd7bc8f8194e057af381370349a7