Login Sign Up

CVE-2022-49607

4.7 MEDIUM
Denial of Service

📋 TL;DR

This is a race condition vulnerability in the Linux kernel's perf subsystem that can cause a denial-of-service condition. When specific timing conditions occur between perf_event_set_output() and perf_mmap_close() operations, a CPU can enter an infinite loop, leading to system hang or performance degradation. This affects Linux systems using the perf performance monitoring subsystem.

💻 Affected Systems

Products:
  • Linux kernel
Versions: Kernel versions before the fix commits (specific versions vary by distribution)
Operating Systems: Linux distributions using vulnerable kernel versions
Default Config Vulnerable: ⚠️ Yes
Notes: Requires perf subsystem to be enabled and accessible (typically requires CAP_SYS_ADMIN or perf_event_paranoid setting)

📦 What is this software?

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

⚠️ Risk & Real-World Impact

🔴

Worst Case

System becomes completely unresponsive due to CPU entering infinite loop, requiring hard reboot and potentially causing data loss or service disruption.

🟠

Likely Case

Performance monitoring tools or applications using perf events may cause system hangs or instability when specific race conditions are triggered.

🟢

If Mitigated

With proper kernel patches applied, the race condition is eliminated and perf operations proceed normally.

🌐 Internet-Facing: LOW - This requires local access or ability to execute code on the system to trigger the race condition.
🏢 Internal Only: MEDIUM - Internal users or processes with appropriate permissions could trigger this, potentially causing system instability.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: HIGH - Requires precise timing to trigger the race condition

Exploitation requires ability to create and manipulate perf events, which typically requires elevated privileges or specific system configurations.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Fixed in kernel commits: 17f541719413, 3bbd86809928, 43128b3eee33, 68e3c69803da, 98c3c8fd0d4c

Vendor Advisory: https://git.kernel.org/stable/c/17f5417194136517ee9bbd6511249e5310e5617c

Restart Required: Yes

Instructions:

1. Update Linux kernel to version containing the fix commits. 2. Check your distribution's security advisories for specific patched versions. 3. Reboot system after kernel update.

🔧 Temporary Workarounds

Restrict perf access

linux

Limit access to perf subsystem by adjusting perf_event_paranoid setting

echo 2 > /proc/sys/kernel/perf_event_paranoid

Disable perf for untrusted users

linux

Remove perf subsystem capabilities from non-privileged users

setcap -r /usr/bin/perf
chmod 750 /usr/bin/perf

🧯 If You Can't Patch

  • Implement strict access controls to limit who can use perf tools
  • Monitor system for unusual perf-related activity or system hangs

🔍 How to Verify

Check if Vulnerable:

Check kernel version and compare with distribution's security advisories for patched versions

Check Version:

uname -r

Verify Fix Applied:

Verify kernel version includes the fix commits or check with 'uname -r' and compare against patched versions

📡 Detection & Monitoring

Log Indicators:

  • System logs showing unexpected reboots
  • Kernel panic or hang reports
  • High CPU usage from perf processes

Network Indicators:

  • None - this is a local vulnerability

SIEM Query:

Search for: (event_source="kernel" AND (message="panic" OR message="hang" OR message="perf")) OR (process_name="perf" AND cpu_usage>90%)

📊 Metadata

CVE ID: CVE-2022-49607
CVSS v3 Score: 4.7 (MEDIUM)
CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE: CWE-362
EPSS Score: 0.03% exploit probability (7.2th percentile)
Published: February 26, 2025
Last Updated: October 1, 2025

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2022-49607, you might also want to check these:

CVE-2025-43275 9.8

A race condition vulnerability in macOS allows malicious applications to escape their sandbox restri...

Same vulnerability type (CWE-362)
CVE-2021-32810 9.8

A race condition in crossbeam-deque Rust library versions before 0.7.4 and 0.8.0 allows tasks in wor...

Same vulnerability type (CWE-362)
CVE-2025-30444 9.8

A race condition vulnerability in macOS SMB client allows attackers to cause system termination (ker...

Same vulnerability type (CWE-362)