CVE-2022-49720

7.8 HIGH

📋 TL;DR

CVE-2022-49720 is a Linux kernel vulnerability in the block layer's multi-queue request allocation function that can cause an array index out-of-bounds access when handling offline queues. It affects Linux systems using NVMe storage with specific configurations, potentially leading to kernel crashes or instability. The vulnerability is triggered during NVMe fabric connection operations.

💻 Affected Systems

Products:
  • Linux kernel
Versions: Linux kernel versions before the fix commits (specific versions vary by distribution)
Operating Systems: Linux distributions using affected kernel versions
Default Config Vulnerable: ✅ No
Notes: Only vulnerable when using NVMe fabrics (like NVMe over Fabrics/NVMe-oF) or NVMe loop devices; standard local NVMe may not trigger the issue.

📦 What is this software?

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...


⚠️ Risk & Real-World Impact

🔴 Worst Case

Kernel panic leading to system crash and denial of service, potentially causing data corruption or loss if occurring during critical storage operations.

🟠 Likely Case

System instability or crash when NVMe fabrics attempt to connect I/O queues, resulting in temporary service disruption until system reboot.

🟢 If Mitigated

Minor performance impact or failed NVMe connection attempts without system-wide disruption if proper bounds checking is implemented.

🌐 Internet-Facing: LOW - This is a local kernel vulnerability requiring local access or specific NVMe fabric operations; it is not directly exploitable over the network.
🏢 Internal Only: MEDIUM - Affects systems using NVMe storage with specific configurations; exploitation requires local access or triggering specific NVMe operations.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation requires triggering specific NVMe fabric connection operations; not a remote code execution vulnerability.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Linux kernel with commits 14dc7a18abbe, 7fa28a7c3d74, b202a0bd2580, or b5e65ef044d6 applied

Vendor Advisory: https://git.kernel.org/stable/c/14dc7a18abbe4176f5626c13c333670da8e06aa1

Restart Required: Yes

Instructions:

1. Update Linux kernel to version containing the fix commits.
2. Check distribution-specific security advisories.
3. Reboot system to load new kernel.

🔧 Temporary Workarounds

Disable NVMe fabrics if not needed

Linux

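Prevent triggering the vulnerability by disabling NVMe fabrics functionality. Run the commands as root. The blacklist entry only stops automatic loading by alias; the module can still be loaded explicitly or as a dependency of another module.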

modprobe -r nvme-fabrics
echo 'blacklist nvme-fabrics' >> /etc/modprobe.d/blacklist.conf

🧯 If You Can't Patch

  • Avoid using NVMe fabrics or NVMe loop devices
  • Monitor system logs for UBSAN array-index-out-of-bounds errors related to blk_mq_alloc_request_hctx

🔍 How to Verify

Check if Vulnerable:

Check kernel version and if NVMe fabrics modules are loaded: 'lsmod | grep nvme' and 'uname -r'

Check Version:

uname -r

Verify Fix Applied:

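Verify the kernel includes the fix commits by checking the distribution's kernel changelog or the kernel source. 'grep -i "blk_mq_alloc_request_hctx" /proc/kallsyms' only confirms that the function is present in the running kernel; the symbol exists in patched and unpatched kernels alike.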

📡 Detection & Monitoring

Log Indicators:

  • UBSAN: array-index-out-of-bounds in block/blk-mq.h
  • kernel panic messages
  • nvme connection failures

Network Indicators:

  • NVMe fabric connection failures

SIEM Query:

source="kernel" AND ("UBSAN" OR "array-index-out-of-bounds" OR "blk_mq_alloc_request_hctx")
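The OR query above matches any UBSAN report or any mention of the function. As an added example (not part of the original advisory), this shell function counts only UBSAN reports in block/blk-mq.h whose call trace names blk_mq_alloc_request_hctx. The sample log lines, their offsets, the helper names and the 40-line look-ahead window are constructed assumptions.

```shell
#!/bin/sh
# Added example, not from the advisory. Sample lines, offsets and WINDOW are constructed.

# Constructed kernel log: one matching report, one unrelated UBSAN report, one stray mention.
sample_klog() {
    cat <<'EOF'
[  101.000001] ================================================================
[  101.000002] UBSAN: array-index-out-of-bounds in block/blk-mq.h:1:1
[  101.000003] Call Trace:
[  101.000004]  blk_mq_alloc_request_hctx+0x0/0x0
[  101.000005] ================================================================
[  202.000001] UBSAN: array-index-out-of-bounds in drivers/example/other.c:1:1
[  202.000002] Call Trace:
[  202.000003]  example_other_fn+0x0/0x0
[  303.000001] trace: blk_mq_alloc_request_hctx called
EOF
}

# Line count for the OR query: every line containing any one indicator.
count_or_query() {
    grep -E -c 'UBSAN|array-index-out-of-bounds|blk_mq_alloc_request_hctx'
}

# Count UBSAN reports in block/blk-mq.h whose trace names blk_mq_alloc_request_hctx.
# Reads kernel log text on stdin, e.g. from `journalctl -k` or `dmesg`.
count_blk_mq_ubsan() {
    awk -v window="${WINDOW:-40}" '
        # Header from the page opens a candidate report.
        /UBSAN: array-index-out-of-bounds in block\/blk-mq\.h/ { left = window; next }
        # Any other UBSAN header or the "=====" delimiter closes it.
        /UBSAN: / || /==========/ { left = 0; next }
        left > 0 {
            left--
            if (index($0, "blk_mq_alloc_request_hctx")) { hits++; left = 0 }
        }
        END { print hits + 0 }
    '
}

echo "OR-query lines:     $(sample_klog | count_or_query)"
echo "correlated reports: $(sample_klog | count_blk_mq_ubsan)"
```

On a live host, pipe `journalctl -k` or `dmesg` into `count_blk_mq_ubsan` and alert on any non-zero count.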
