CVE-2022-49592
📋 TL;DR
This CVE describes an integer overflow vulnerability in the Linux kernel's STMicroelectronics STMMAC Ethernet driver. When queue numbers exceed 4, a 32-bit left shift operation overflows, causing incorrect DMA queue mapping calculations. This affects Linux systems using STMMAC Ethernet controllers with more than 4 queues configured.
💻 Affected Systems
- Linux kernel with STMMAC Ethernet driver
📦 What is this software?
Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →⚠️ Risk & Real-World Impact
Worst Case
Kernel panic or system crash due to memory corruption, potentially leading to denial of service and system instability.
Likely Case
System instability, network interface failures, or kernel warnings/panics when configuring network interfaces with multiple queues.
If Mitigated
Minor performance impact or warnings if UBSAN is enabled, but system remains functional.
🎯 Exploit Status
Exploitation requires local access and ability to configure network interfaces with multiple queues. The vulnerability is triggered during network interface setup.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Fixed in kernel commits: 508d86ead36c, 573768dede0e, 613b065ca32e, 7c687a893f5c, a3ac79f38d35
Vendor Advisory: https://bugzilla.kernel.org/show_bug.cgi?id=216195
Restart Required: Yes
Instructions:
1. Update Linux kernel to version containing the fix commits. 2. For distributions: Use package manager to update kernel package. 3. Reboot system to load new kernel.
🔧 Temporary Workarounds
Limit queue configuration
LinuxConfigure STMMAC interfaces to use 4 or fewer queues to avoid triggering the overflow
ethtool -L <interface> rx 4 tx 4
Disable UBSAN
LinuxDisable Undefined Behavior Sanitizer to prevent kernel warnings (does not fix vulnerability)
Rebuild kernel without CONFIG_UBSAN
🧯 If You Can't Patch
- Avoid configuring STMMAC interfaces with more than 4 queues
- Restrict network configuration privileges to trusted users only
🔍 How to Verify
Check if Vulnerable:
Check kernel version and if using STMMAC driver with >4 queues. Look for UBSAN warnings in dmesg about shift-out-of-bounds in dwmac4_core.cCheck Version:
uname -rVerify Fix Applied:
Check that kernel version includes fix commits. Verify no UBSAN warnings appear when configuring network interfaces with multiple queues.📡 Detection & Monitoring
Log Indicators:
- UBSAN: shift-out-of-bounds warnings in kernel logs
- Kernel panic or oops messages related to stmmac/dwmac4
Network Indicators:
- Network interface failures during configuration
- Unexpected network service disruptions
SIEM Query:
source="kernel" AND ("shift-out-of-bounds" OR "dwmac4_core.c" OR "stmmac")🔗 References
- https://git.kernel.org/stable/c/508d86ead36cbd8dfb60773a33276790d668c473
- https://git.kernel.org/stable/c/573768dede0e2b7de38ecbc11cb3ee47643902dc
- https://git.kernel.org/stable/c/613b065ca32e90209024ec4a6bb5ca887ee70980
- https://git.kernel.org/stable/c/7c687a893f5cae5ca40d189635602e93af9bab73
- https://git.kernel.org/stable/c/a3ac79f38d354b10925824899cdbd2caadce55ba
- https://git.kernel.org/stable/c/ad2febdfbd01e1d092a08bfdba92ede79ea05ff3
- https://git.kernel.org/stable/c/e846bde09677fa3b203057846620b7ed96540f5f
