CVE-2022-49810
📋 TL;DR
A race condition vulnerability in the Linux kernel's netfs subsystem can cause a NULL pointer dereference when iterating through xarray data structures under RCU read lock. This leads to kernel panic and system crash, affecting all Linux systems using netfs functionality (including Ceph and other network filesystems).
💻 Affected Systems
- Linux kernel
📦 What is this software?
Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
⚠️ Risk & Real-World Impact
Worst Case
Kernel panic leading to complete system crash and denial of service, potentially causing data corruption or loss if filesystem operations are interrupted.
Likely Case
System crash or kernel panic resulting in denial of service, requiring system reboot to restore functionality.
If Mitigated
System remains stable with proper patching; unpatched systems may experience intermittent crashes during heavy network filesystem operations.
🎯 Exploit Status
Exploitation requires precise timing to trigger the race condition during xarray iteration under RCU lock.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Patched in kernel commits 7e043a80b5dae5c2d2cf84031501de7827fd6c00 and b2cc07a76f1eb12de3b22caf5fdbf856a7bef16d
Vendor Advisory: https://git.kernel.org/stable/c/7e043a80b5dae5c2d2cf84031501de7827fd6c00
Restart Required: Yes
Instructions:
1. Update Linux kernel to version containing the fix.
2. Check with your distribution for specific kernel package updates.
3. Reboot system after kernel update.
🔧 Temporary Workarounds
Disable netfs functionality
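If not using network filesystems, disable netfs module loading. The blacklist entry only stops alias-based autoloading, and rmmod succeeds only when no loaded filesystem module still depends on netfs: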
echo 'blacklist netfs' >> /etc/modprobe.d/blacklist.conf
rmmod netfs
🧯 If You Can't Patch
- Avoid using network filesystems that rely on netfs functionality
- Implement strict access controls to limit who can access network filesystem services
🔍 How to Verify
Check if Vulnerable:
Check the kernel version and whether the netfs module is loaded: 'uname -r' and 'lsmod | grep netfs'
Check Version:
uname -r
Verify Fix Applied:
Verify that the kernel version is updated beyond the vulnerable versions and check the kernel changelog for the fix commits
📡 Detection & Monitoring
Log Indicators:
- Kernel panic messages with NULL pointer dereference at address 0000000000000402
- netfs-related crash in kernel logs
- BUG: kernel NULL pointer dereference in netfs_rreq_unlock
Network Indicators:
- Sudden termination of network filesystem connections
SIEM Query:
kernel: "BUG: kernel NULL pointer dereference, address: 0000000000000402" OR kernel: "netfs_rreq_unlock"
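The query above ORs the two strings, so either one alone raises an alert. The script below is an added example, not part of the advisory, with constructed function names and sample logs; it requires both indicators inside the same oops before reporting a match.

```shell
#!/bin/sh
# Added example (not from the advisory): function names and sample logs are constructed.

# Reads kernel log text on stdin and prints one verdict:
#   match    - NULL dereference at 0000000000000402 with netfs_rreq_unlock in the same oops
#   possible - netfs_rreq_unlock seen without that exact BUG line before it
#   none     - no netfs indicator (unrelated NULL dereferences are ignored)
classify_netfs_oops() {
    awk -v window=30 '
    /BUG: kernel NULL pointer dereference, address:/ {
        addr = $NF          # faulting address is the last field
        left = window       # lines still counted as part of this oops
        next
    }
    /netfs_rreq_unlock/ {
        if (left > 0 && addr == "0000000000000402") strong = 1
        else weak = 1
        left = 0
    }
    left > 0 { left-- }
    END {
        if (strong) print "match"
        else if (weak) print "possible"
        else print "none"
    }'
}

# Constructed oops text modelled on the indicators above; offsets are made up.
sample_netfs_oops() {
    cat <<'EOF'
[ 4242.000001] BUG: kernel NULL pointer dereference, address: 0000000000000402
[ 4242.000002] #PF: supervisor read access in kernel mode
[ 4242.000003] RIP: 0010:netfs_rreq_unlock+0x10/0x20 [netfs]
EOF
}

# Constructed unrelated crash: a NULL dereference that never touches netfs.
sample_unrelated_oops() {
    cat <<'EOF'
[   10.000001] BUG: kernel NULL pointer dereference, address: 0000000000000010
[   10.000002] RIP: 0010:example_probe+0x10/0x20 [example]
EOF
}

sample_netfs_oops | classify_netfs_oops        # match
sample_unrelated_oops | classify_netfs_oops    # none
```

On a host that has rebooted after a crash, pipe the previous boot's kernel log into the function, for example `journalctl -k -b -1 | classify_netfs_oops`.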