CVE-2022-49567
📋 TL;DR
This CVE describes an uninitialized-value read in the Linux kernel's memory policy code (mm/mempolicy.c). mpol_set_nodemask() does not fill in a policy's nodemask when the mode is MPOL_LOCAL, yet mpol_rebind_policy() read pol->w.cpuset_mems_allowed for every non-NULL policy, so rebinding an MPOL_LOCAL policy compared the new cpuset mask against uninitialized kernel memory. The defect was found with KMSAN. It affects systems where memory policies are set and later rebound, typically NUMA hosts and containerized environments that move tasks between cpusets or change a cpuset's allowed memory nodes.
💻 Affected Systems
- Linux Kernel
📦 What is this software?
Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
⚠️ Risk & Real-World Impact
Worst Case
Use of an uninitialized nodemask during policy rebinding. Neither a crash nor a privilege escalation has been demonstrated for this bug; treat those outcomes as unproven upper bounds rather than observed behaviour.
Likely Case
A KMSAN "uninit-value in mpol_rebind_policy" report when a task holding an MPOL_LOCAL policy is rebound, for example when it is moved between cpusets or its cpuset's mems_allowed changes. On production kernels without KMSAN the read is silent.
If Mitigated
No impact if no task sets an MPOL_LOCAL memory policy, or if cpuset nodemasks are never changed, since mpol_rebind_policy() is only reached through those operations.
🎯 Exploit Status
Found by the syzkaller fuzzer (syzbot) on a KMSAN-instrumented kernel, with a reproducer. Triggering it requires a task with an MPOL_LOCAL memory policy (set via set_mempolicy() or mbind()) followed by a cpuset change that rebinds that policy.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: any kernel containing one of the fix commits 018160ad314d, 777e563f10e9 or 8c5429a04ccd (the mainline fix "mm/mempolicy: fix uninit-value in mpol_rebind_policy()" and its stable backports)
Vendor Advisory: https://git.kernel.org/stable/c/018160ad314d75b1409129b2247b614a9f35894c
Restart Required: Yes
Instructions:
1. Update the Linux kernel to a version containing one of the fix commits.
2. Check with your distribution vendor for backported patches.
3. Reboot the system after the kernel update.
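The check the fix adds is a single condition in mpol_rebind_policy(). The following user-space model, added here as an example and not code from the kernel or from this page, reproduces the TL;DR's bug and the fix side by side: the struct layout, the simplified nodemask type and the `w_initialized` instrumentation flag are assumptions of this example, while the mode/flags logic mirrors the kernel's mpol_set_nodemask() and mpol_rebind_policy() before and after commit 018160ad314d.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Simplified stand-ins for the kernel's types (assumptions of this example). */
typedef struct { uint64_t bits; } nodemask_t;

enum mpol_mode { MPOL_DEFAULT, MPOL_PREFERRED, MPOL_BIND, MPOL_INTERLEAVE, MPOL_LOCAL };
#define MPOL_F_STATIC_NODES   (1 << 15)
#define MPOL_F_RELATIVE_NODES (1 << 14)
#define MPOL_MODE_FLAGS       (MPOL_F_STATIC_NODES | MPOL_F_RELATIVE_NODES)

struct mempolicy {
    unsigned short mode;
    unsigned short flags;
    nodemask_t nodes;
    union {
        nodemask_t cpuset_mems_allowed;   /* cpuset mems when the policy was created */
        nodemask_t user_nodemask;         /* mask the caller passed in (static/relative) */
    } w;
    bool w_initialized;   /* instrumentation only, not a kernel field */
};

static int uninit_reads;   /* number of reads of pol->w before it was ever written */

static bool nodes_equal(const nodemask_t *a, const nodemask_t *b)
{
    return a->bits == b->bits;
}

static int mpol_store_user_nodemask(const struct mempolicy *pol)
{
    return pol->flags & MPOL_MODE_FLAGS;
}

/* Models mpol_set_nodemask(): MPOL_LOCAL carries no nodemask, so the
 * function returns without ever writing pol->w. */
static void mpol_set_nodemask(struct mempolicy *pol, const nodemask_t *nodes,
                              const nodemask_t *cpuset_mems)
{
    if (pol->mode == MPOL_LOCAL)
        return;
    pol->nodes = *nodes;
    if (mpol_store_user_nodemask(pol))
        pol->w.user_nodemask = *nodes;
    else
        pol->w.cpuset_mems_allowed = *cpuset_mems;
    pol->w_initialized = true;
}

static struct mempolicy make_policy(unsigned short mode, unsigned short flags,
                                    uint64_t node_bits, uint64_t cpuset_bits)
{
    struct mempolicy pol;
    nodemask_t nodes = { node_bits }, cpuset = { cpuset_bits };

    memset(&pol, 0xA5, sizeof(pol));   /* stale slab contents, deliberately */
    pol.mode = mode;
    pol.flags = flags;
    pol.w_initialized = false;
    mpol_set_nodemask(&pol, &nodes, &cpuset);
    return pol;
}

/* The comparison KMSAN flagged at mm/mempolicy.c:352. */
static bool cpuset_mems_unchanged(const struct mempolicy *pol, const nodemask_t *newmask)
{
    if (!pol->w_initialized)
        uninit_reads++;            /* KMSAN would report right here */
    return nodes_equal(&pol->w.cpuset_mems_allowed, newmask);
}

/* Pre-fix logic: only a NULL policy is rejected, so an MPOL_LOCAL policy
 * reaches the pol->w read with whatever the allocator left there. */
static bool rebind_policy_vulnerable(struct mempolicy *pol, const nodemask_t *newmask)
{
    if (!pol)
        return false;
    if (!mpol_store_user_nodemask(pol) && cpuset_mems_unchanged(pol, newmask))
        return false;
    return true;   /* the kernel would now call mpol_ops[pol->mode].rebind() */
}

/* Fixed logic (commit 018160ad314d): bail out for MPOL_LOCAL before touching pol->w. */
static bool rebind_policy_fixed(struct mempolicy *pol, const nodemask_t *newmask)
{
    if (!pol || pol->mode == MPOL_LOCAL)
        return false;
    if (!mpol_store_user_nodemask(pol) && cpuset_mems_unchanged(pol, newmask))
        return false;
    return true;
}

int main(void)
{
    nodemask_t newmask = { 0x3 };
    struct mempolicy local = make_policy(MPOL_LOCAL, 0, 0, 0x3);

    uninit_reads = 0;
    rebind_policy_vulnerable(&local, &newmask);
    printf("vulnerable path: %d uninitialised read(s)\n", uninit_reads);
    rebind_policy_fixed(&local, &newmask);
    printf("fixed path:      %d uninitialised read(s) in total\n", uninit_reads);
    return 0;
}
```

The vulnerable path decides whether to rebind based on garbage, which is exactly the "uninit-value" KMSAN reports; the fixed path never touches pol->w for MPOL_LOCAL, and policies that store a user nodemask (MPOL_F_STATIC_NODES or MPOL_F_RELATIVE_NODES) skip the comparison in both versions because they are always rebound.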
🔧 Temporary Workarounds
Disable memory policy usage
Avoid using memory policies or cpuset operations that trigger mpol_rebind_policy()
# No specific commands - avoid using set_mempolicy, mbind syscalls
# Avoid container migration operations that modify cpusets
🧯 If You Can't Patch
- Monitor system logs for KMSAN warnings or kernel crashes related to mempolicy operations
- Restrict container migration and cgroup modification operations to trusted processes only
🔍 How to Verify
Check if Vulnerable:
Inspect mpol_rebind_policy() in mm/mempolicy.c of the running kernel's source: a vulnerable kernel starts the function with a bare NULL check (if (!pol) return;), a fixed one also returns early for pol->mode == MPOL_LOCAL. KMSAN reported the uninitialized read at mm/mempolicy.c:352 of the affected kernels.
Check Version:
uname -r
Verify Fix Applied:
Confirm that the running kernel's source history contains one of the fix commits 018160ad314d, 777e563f10e9 or 8c5429a04ccd, or that your distribution's kernel changelog lists CVE-2022-49567 or "mm/mempolicy: fix uninit-value in mpol_rebind_policy()".
📡 Detection & Monitoring
Log Indicators:
- KMSAN: uninit-value warnings
- kernel oops/panic in mpol_rebind_policy
- cgroup/cpuset related crashes
Network Indicators:
- None - this is a local kernel vulnerability
SIEM Query:
Search for: 'KMSAN: uninit-value in mpol_rebind_policy' OR ('mpol_rebind_policy' AND ('Oops' OR 'RIP:')) OR ('cpuset_attach' AND ('Oops' OR 'RIP:'))
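To make the log indicators above concrete, here is a small scanner, added as an example and not part of this page or of any kernel tooling, that classifies dmesg-style lines into KMSAN reports and oops frames naming a mempolicy or cpuset symbol. The sample lines are constructed for the example (timestamps, offsets and source line numbers are made up); only the "BUG: KMSAN: uninit-value in <symbol>" header and the "RIP: 0010:<symbol>" register line follow the real kernel formats.

```c
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

/* Constructed sample log; not a captured trace. */
static const char *sample_dmesg[] = {
    "[    0.812345] systemd[1]: Started Journal Service.",
    "[  312.114532] BUG: KMSAN: uninit-value in mpol_rebind_policy+0x84/0x2a0 mm/mempolicy.c:352",
    "[  312.114540] Call Trace:",
    "[  312.114551]  mpol_rebind_task+0x5e/0x90 mm/mempolicy.c:411",
    "[  312.114562]  cpuset_change_task_nodemask+0xa8/0x130 kernel/cgroup/cpuset.c:1796",
    "[  409.220001] BUG: KMSAN: uninit-value in tcp_recvmsg+0x1bc/0x9a0 net/ipv4/tcp.c:2490",
    "[  511.000120] BUG: unable to handle page fault for address: 0000000000000040",
    "[  511.000131] RIP: 0010:cpuset_attach+0x1c/0x200 kernel/cgroup/cpuset.c:2475",
};

struct hit {
    int index;          /* position of the line in the input */
    const char *kind;   /* "kmsan" or "oops" */
    char symbol[64];    /* kernel symbol named by the line */
};

/* Copy a symbol name up to the '+' offset, a space or end of line. */
static void copy_symbol(const char *p, char *out, size_t n)
{
    size_t i = 0;
    while (p[i] && p[i] != '+' && p[i] != ' ' && p[i] != '\n' && i < n - 1) {
        out[i] = p[i];
        i++;
    }
    out[i] = '\0';
}

/* Only mempolicy and cpuset code is relevant to this CVE. */
static bool watched_symbol(const char *sym)
{
    return strncmp(sym, "mpol_", 5) == 0 || strncmp(sym, "cpuset_", 7) == 0;
}

/* Classify one line; returns true and fills *h when it is an indicator. */
static bool classify_line(const char *line, int index, struct hit *h)
{
    static const char kmsan_tag[] = "KMSAN: uninit-value in ";
    static const char rip_tag[] = "RIP: 0010:";
    const char *p;

    if ((p = strstr(line, kmsan_tag)) != NULL) {
        copy_symbol(p + sizeof(kmsan_tag) - 1, h->symbol, sizeof(h->symbol));
        if (watched_symbol(h->symbol)) {
            h->index = index;
            h->kind = "kmsan";
            return true;
        }
        return false;   /* KMSAN report in an unrelated subsystem */
    }
    if ((p = strstr(line, rip_tag)) != NULL) {
        copy_symbol(p + sizeof(rip_tag) - 1, h->symbol, sizeof(h->symbol));
        if (watched_symbol(h->symbol)) {
            h->index = index;
            h->kind = "oops";
            return true;
        }
    }
    return false;
}

/* Scan all lines, collecting at most max_hits indicators; returns the count. */
static int scan_log(const char *const *lines, int count, struct hit *hits, int max_hits)
{
    int n = 0;
    for (int i = 0; i < count && n < max_hits; i++)
        if (classify_line(lines[i], i, &hits[n]))
            n++;
    return n;
}

int main(void)
{
    struct hit hits[8];
    int count = (int)(sizeof(sample_dmesg) / sizeof(sample_dmesg[0]));
    int n = scan_log(sample_dmesg, count, hits, 8);

    for (int i = 0; i < n; i++)
        printf("line %d: %s in %s\n", hits[i].index, hits[i].kind, hits[i].symbol);
    return 0;
}
```

Feed it real output from `dmesg` or the journal and the two classifications map directly onto the page's indicators: a "kmsan" hit is the uninit-value report itself (only possible on a KMSAN-built kernel), an "oops" hit is a crash whose faulting instruction sits in mempolicy or cpuset code. Call-trace frames that merely mention those symbols are deliberately not counted, which keeps unrelated bugs that happen to pass through cpuset code out of the alert.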