CVE-2022-49755 – This is a use-after-free vulnerability in the L... (How to Fix)

Q: What is the severity of CVE-2022-49755?

CVE-2022-49755 has a CVSS score of 7.8 (HIGH). This is a use-after-free vulnerability in the Linux kernel's USB gadget function filesystem (FFS) driver. It allows local attackers to potentially crash the system or execute arbitrary code by exploiting a race condition during USB composition switching. Systems using USB gadget functionality with FFS are affected.

📋 TL;DR

This is a use-after-free vulnerability in the Linux kernel's USB gadget function filesystem (FFS) driver. It allows local attackers to potentially crash the system or execute arbitrary code by exploiting a race condition during USB composition switching. Systems using USB gadget functionality with FFS are affected.

💻 Affected Systems

Products:

Linux kernel

Versions: Versions before the fix commits (specific versions vary by distribution)

Operating Systems: Linux distributions using affected kernel versions

Default Config Vulnerable: ⚠️ Yes

Notes: Only affects systems using USB gadget functionality with the function filesystem (FFS) driver enabled.

📦 What is this software?

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Local privilege escalation to kernel-level code execution, potentially leading to full system compromise.

🟠

Likely Case

Kernel panic or system crash causing denial of service.

🟢

If Mitigated

Minimal impact if proper access controls prevent local attackers from accessing USB gadget interfaces.

🌐 Internet-Facing: LOW - Requires local access to exploit.

🏢 Internal Only: MEDIUM - Local attackers could exploit this if they have access to USB gadget functionality.

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ✅ No

Complexity: MEDIUM

Requires local access and ability to trigger USB gadget operations. Race condition exploitation adds complexity.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Kernel versions containing commits 6a19da111057, 6aee197b7fbc, 6dd9ea05534f, a8d40942df07, or ae8e136bcaae

Vendor Advisory: https://git.kernel.org/stable/c/6a19da111057f69214b97c62fb0ac59023970850

Restart Required: Yes

Instructions:

1. Update Linux kernel to patched version from your distribution. 2. Reboot system to load new kernel.

🔧 Temporary Workarounds

Disable USB gadget FFS module

all

Prevent loading of the vulnerable USB gadget function filesystem driver

echo 'blacklist g_ffs' >> /etc/modprobe.d/blacklist.conf
rmmod g_ffs

🧯 If You Can't Patch

Restrict local user access to systems using USB gadget functionality
Implement strict access controls and monitoring for USB device operations

🔍 How to Verify

Check if Vulnerable:

Check kernel version and if CONFIG_USB_FUNCTIONFS is enabled in kernel config

Check Version:

uname -r

Verify Fix Applied:

Verify kernel version includes the fix commits or is newer than vulnerable versions

📡 Detection & Monitoring

Log Indicators:

Kernel oops messages
System crashes related to USB operations
Unexpected kernel panics

Network Indicators:

None - local vulnerability only

SIEM Query:

Search for kernel panic logs or oops messages containing 'ffs' or 'usb_gadget'

📊 Metadata

CVE ID: CVE-2022-49755

CVSS v3 Score: 7.8 (HIGH)

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE: CWE-416

EPSS Score: 0.03% exploit probability (6.7th percentile)

Published: March 27, 2025

Last Updated: April 1, 2025

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2022-49755, you might also want to check these: