Login Sign Up

CVE-2022-49710

5.5 MEDIUM

📋 TL;DR

This CVE describes a memory access vulnerability in the Linux kernel's device mapper mirror logging subsystem. On 64-bit systems, the code could read up to 4 bytes beyond allocated memory boundaries, potentially causing kernel crashes or information disclosure. Systems running affected Linux kernel versions with device mapper mirroring configured are vulnerable.

💻 Affected Systems

Products:
  • Linux kernel
Versions: Specific affected kernel versions not specified in CVE description, but fix commits indicate stable kernel branches were patched.
Operating Systems: Linux distributions using vulnerable kernel versions
Default Config Vulnerable: ✅ No
Notes: Only vulnerable when device mapper mirroring (dm-mirror) is configured and in use. Most systems don't use this feature by default.

📦 What is this software?

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Kernel panic leading to system crash and denial of service, or potential information disclosure from kernel memory.

🟠

Likely Case

System instability or crashes when device mapper mirroring operations are performed, particularly under heavy I/O load.

🟢

If Mitigated

Minimal impact if device mapper mirroring is not in use or if systems are patched.

🌐 Internet-Facing: LOW - This is a kernel-level vulnerability requiring local access or specific device mapper operations.
🏢 Internal Only: MEDIUM - Internal systems using device mapper mirroring could experience crashes affecting services.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: HIGH - Requires specific device mapper mirroring configuration and operations to trigger.

Discovered through kasan testing in lvm2 testsuite. Exploitation requires local access and specific conditions.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Kernel versions containing commits: 0d2209b54f1de0c2f99cab246d4cf2cfe24aaaa9, 85e123c27d5cbc22cfdc01de1e2ca1d9003a02d0, 9a02f3275acc628c0d956be771405ced79ac36df, ae460312875159285cef5bf3dc654593f404a1ef, ba751f0d25f07aa21ce9b85372a3792bf7969d13

Vendor Advisory: https://git.kernel.org/stable/c/0d2209b54f1de0c2f99cab246d4cf2cfe24aaaa9

Restart Required: Yes

Instructions:

1. Update Linux kernel to version containing the fix commits. 2. Reboot system to load new kernel. 3. Verify kernel version after reboot.

🔧 Temporary Workarounds

Disable device mapper mirroring

linux

If not required, disable or remove device mapper mirror configurations.

# Check for dm-mirror usage: dmsetup table
# Remove mirror targets if found: dmsetup remove <target_name>

🧯 If You Can't Patch

  • Avoid using device mapper mirroring functionality
  • Monitor systems for kernel panics or instability related to storage operations

🔍 How to Verify

Check if Vulnerable:

Check kernel version and verify if device mapper mirroring is configured: dmsetup table | grep mirror

Check Version:

uname -r

Verify Fix Applied:

Verify kernel version contains fix commits and test with lvm2 testsuite kasan checks.

📡 Detection & Monitoring

Log Indicators:

  • Kernel panic messages
  • Oops messages in /var/log/kern.log or dmesg
  • Storage subsystem errors

Network Indicators:

  • None - this is a local kernel vulnerability

SIEM Query:

Search for kernel panic or Oops messages in system logs

📊 Metadata

CVE ID: CVE-2022-49710
CVSS v3 Score: 5.5 (MEDIUM)
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
EPSS Score: 0.05% exploit probability (16.1th percentile)
Published: February 26, 2025
Last Updated: October 24, 2025

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON