Login Sign Up

CVE-2022-49834

7.8 HIGH

📋 TL;DR

A use-after-free vulnerability in the Linux kernel's nilfs2 filesystem driver allows local attackers to potentially crash the system or execute arbitrary code. This affects Linux systems using the nilfs2 filesystem, particularly when filesystem remount operations occur under specific conditions.

💻 Affected Systems

Products:
  • Linux kernel
Versions: Kernel versions with nilfs2 support before the fix commits (specific versions vary by distribution)
Operating Systems: Linux distributions with nilfs2 support
Default Config Vulnerable: ✅ No
Notes: Only vulnerable if nilfs2 filesystem is actively used. Most distributions don't use nilfs2 by default.

📦 What is this software?

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Kernel panic leading to system crash or potential privilege escalation to kernel-level code execution

🟠

Likely Case

System crash or kernel panic causing denial of service

🟢

If Mitigated

No impact if nilfs2 filesystem is not used or system is patched

🌐 Internet-Facing: LOW - Requires local access to the system
🏢 Internal Only: MEDIUM - Local attackers or users could exploit this to crash systems

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Requires local access and specific conditions: nilfs2 filesystem usage and remount operations. Race condition makes exploitation timing-dependent.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Fixed in kernel commits: 39a3ed68270b079c6b874d4e4727a512b9b4882c, 4feedde5486c07ea79787839153a71ca71329c7d, 8cccf05fe857a18ee26e20d11a8455a73ffd4efd, 9b162e81045266a2d5b44df9dffdf05c54de9cca, afbd1188382a75f6cfe22c0b68533f7f9664f182

Vendor Advisory: https://git.kernel.org/stable/c/39a3ed68270b079c6b874d4e4727a512b9b4882c

Restart Required: Yes

Instructions:

1. Update Linux kernel to version containing the fix commits. 2. Check your distribution's security advisories for specific patched kernel versions. 3. Reboot the system after kernel update.

🔧 Temporary Workarounds

Disable nilfs2 module

linux

Prevent loading of nilfs2 kernel module if not needed

echo 'install nilfs2 /bin/true' >> /etc/modprobe.d/disable-nilfs2.conf
rmmod nilfs2

Avoid nilfs2 filesystem usage

linux

Do not mount or use nilfs2 filesystems

# Check for nilfs2 mounts: mount | grep nilfs2
# Unmount any nilfs2 filesystems: umount /dev/nilfs2_device

🧯 If You Can't Patch

  • Avoid using nilfs2 filesystems entirely
  • Restrict local user access to systems with nilfs2 mounts
  • Monitor for system crashes or kernel panics

🔍 How to Verify

Check if Vulnerable:

Check kernel version and if nilfs2 module is loaded: uname -r && lsmod | grep nilfs2

Check Version:

uname -r

Verify Fix Applied:

Verify kernel version is patched and nilfs2 module is either not loaded or system is updated: uname -r && grep -q '39a3ed68270b079c6b874d4e4727a512b9b4882c' /proc/version

📡 Detection & Monitoring

Log Indicators:

  • Kernel panic messages in /var/log/messages or dmesg
  • System crashes or unexpected reboots
  • nilfs2-related error messages

Network Indicators:

  • None - local vulnerability only

SIEM Query:

source="kernel" AND ("panic" OR "Oops" OR "nilfs2")

📊 Metadata

CVE ID: CVE-2022-49834
CVSS v3 Score: 7.8 (HIGH)
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE: CWE-416
EPSS Score: 0.02% exploit probability (4.5th percentile)
Published: May 1, 2025
Last Updated: November 10, 2025

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2022-49834, you might also want to check these:

CVE-2025-24085 10.0

This CVE describes a use-after-free vulnerability (CWE-416) in Apple operating systems that allows m...

Same vulnerability type (CWE-416)
CVE-2024-43102 10.0

This CVE describes a use-after-free vulnerability in FreeBSD's umtx (user mutex) subsystem where con...

Same vulnerability type (CWE-416)
CVE-2021-33796 10.0

CVE-2021-33796 is a use-after-free vulnerability in MuJS's regexp source property access that can le...

Same vulnerability type (CWE-416)