Login Sign Up

CVE-2022-49565

5.5 MEDIUM

📋 TL;DR

This CVE describes a Linux kernel vulnerability where improper initialization order in the Performance Monitoring Unit (PMU) for Last Branch Record (LBR) on Intel Haswell (HSW) processors could lead to unchecked MSR (Model Specific Register) access. This could potentially allow local attackers to cause kernel crashes or instability. The vulnerability affects Linux systems running on affected Intel processors.

💻 Affected Systems

Products:
  • Linux kernel
Versions: Specific kernel versions with the vulnerable code; exact range depends on distribution backports
Operating Systems: Linux distributions running on Intel Haswell or compatible processors
Default Config Vulnerable: ⚠️ Yes
Notes: Requires Intel processors with LBR_FORMAT_EIP_FLAGS2 format and disabled TSX feature. Performance monitoring features must be accessible.

📦 What is this software?

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Kernel panic or system crash leading to denial of service, potentially allowing local privilege escalation if combined with other vulnerabilities.

🟠

Likely Case

System instability or kernel crash when specific performance monitoring operations are performed, requiring local access to trigger.

🟢

If Mitigated

Minimal impact with proper access controls preventing local users from accessing performance monitoring features.

🌐 Internet-Facing: LOW - Requires local access to trigger, not directly exploitable over network.
🏢 Internal Only: MEDIUM - Local users could potentially crash systems or cause instability, but requires specific conditions and access to performance monitoring features.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation requires local access and ability to trigger specific performance monitoring operations. The vulnerability was discovered through fuzzing.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Kernel commits 625bcd0685a1 and b0380e13502a

Vendor Advisory: https://git.kernel.org/stable/c/625bcd0685a1612225df83468c83412fc0edb3d7

Restart Required: Yes

Instructions:

1. Update to a kernel version containing the fix commits. 2. Check with your Linux distribution for specific patched kernel versions. 3. Reboot the system after kernel update.

🔧 Temporary Workarounds

Disable performance monitoring for unprivileged users

linux

Restrict access to performance monitoring features to prevent triggering the vulnerable code path

echo 2 > /proc/sys/kernel/perf_event_paranoid

Disable LBR feature

linux

Turn off Last Branch Record feature if not required

echo 0 > /sys/devices/cpu/rdpmc

🧯 If You Can't Patch

  • Implement strict access controls to prevent local users from accessing performance monitoring features
  • Monitor systems for kernel panic/crash events and investigate any suspicious local user activity

🔍 How to Verify

Check if Vulnerable:

Check kernel version and if running on Intel Haswell processor. Examine dmesg for 'unchecked MSR access error' messages related to MSR 0x689.

Check Version:

uname -r

Verify Fix Applied:

Verify kernel version includes the fix commits or check with distribution-specific security advisories. After patching, the error should not occur.

📡 Detection & Monitoring

Log Indicators:

  • Kernel messages containing 'unchecked MSR access error: WRMSR to 0x689'
  • Kernel panic or oops messages related to native_write_msr

Network Indicators:

  • None - local vulnerability only

SIEM Query:

source="kernel" AND ("unchecked MSR access error" OR "WRMSR to 0x689")

📊 Metadata

CVE ID: CVE-2022-49565
CVSS v3 Score: 5.5 (MEDIUM)
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
EPSS Score: 0.05% exploit probability (16th percentile)
Published: February 26, 2025
Last Updated: October 22, 2025

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON