CVE-2022-49869 – A NULL pointer dereference vulnerability in the... (How to Fix)

Q: What is the severity of CVE-2022-49869?

CVE-2022-49869 has a CVSS score of 5.5 (MEDIUM). A NULL pointer dereference vulnerability in the Linux kernel's bnxt_en driver allows local attackers to cause a kernel crash (denial of service) when attempting to modify network coalescing settings during error recovery. This affects systems using Broadcom NetXtreme-E network adapters with vulnerable kernel versions. The vulnerability requires local access to execute the ethtool command.

📋 TL;DR

A NULL pointer dereference vulnerability in the Linux kernel's bnxt_en driver allows local attackers to cause a kernel crash (denial of service) when attempting to modify network coalescing settings during error recovery. This affects systems using Broadcom NetXtreme-E network adapters with vulnerable kernel versions. The vulnerability requires local access to execute the ethtool command.

💻 Affected Systems

Products:

Linux kernel bnxt_en driver for Broadcom NetXtreme-E network adapters

Versions: Kernel versions before the fix commits (specific versions vary by distribution)

Operating Systems: Linux distributions using vulnerable kernel versions

Default Config Vulnerable: ⚠️ Yes

Notes: Requires Broadcom NetXtreme-E hardware and use of ethtool to modify coalescing settings during driver error recovery states.

📦 What is this software?

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Local privilege escalation leading to full system compromise if combined with other vulnerabilities, though this specific CVE primarily causes denial of service through kernel panic.

🟠

Likely Case

Local denial of service through kernel crash when privileged users or processes attempt to modify network coalescing settings during driver error recovery.

🟢

If Mitigated

Minimal impact with proper access controls limiting local user privileges and timely patching.

🌐 Internet-Facing: LOW - Requires local access to the system, cannot be exploited remotely.

🏢 Internal Only: MEDIUM - Local users or processes with sufficient privileges can crash the kernel, affecting system availability.

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: NO

Unauthenticated Exploit: ✅ No

Complexity: MEDIUM

Exploitation requires local access and timing to trigger during error recovery sequence. No known public exploits.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Fixed in kernel commits: 38147073c96dce8c7e142ce0e5f305a420a729ba, 6d81ea3765dfa6c8a20822613c81edad1c4a16a0, 7781e32984cde65549bedc3201537e253297c98d, a5a05fbef4a0dfe45fe03b2f1d02ba23aebf5384, ac257c43fa615d22180916074feed803b8bb8cb0

Vendor Advisory: https://git.kernel.org/stable/c/38147073c96dce8c7e142ce0e5f305a420a729ba

Restart Required: Yes

Instructions:

1. Update Linux kernel to version containing the fix commits. 2. Check distribution-specific security advisories for backported patches. 3. Reboot system to load new kernel.

🔧 Temporary Workarounds

Restrict ethtool access

linux

Limit which users can run ethtool commands to modify network settings

chmod 750 /sbin/ethtool
setcap -r /sbin/ethtool
Use sudoers to restrict ethtool access to specific users

Disable coalescing modification

linux

Prevent modification of network coalescing settings during operation

echo 0 > /sys/class/net/[interface]/queues/tx-*/tx-usecs
echo 0 > /sys/class/net/[interface]/queues/rx-*/rx-usecs

🧯 If You Can't Patch

Implement strict access controls to prevent unauthorized users from running ethtool
Monitor system logs for kernel panic events and restrict user access to systems showing instability

🔍 How to Verify

Check if Vulnerable:

Check kernel version and if bnxt_en driver is loaded: uname -r && lsmod | grep bnxt_en

Check Version:

uname -r

Verify Fix Applied:

Verify kernel version includes fix commits: grep -q '38147073c96dce8c7e142ce0e5f305a420a729ba\|6d81ea3765dfa6c8a20822613c81edad1c4a16a0' /proc/version

📡 Detection & Monitoring

Log Indicators:

Kernel panic messages in /var/log/messages or dmesg
NULL pointer dereference errors mentioning bnxt_hwrm_set_coal
ethtool command failures during network errors

Network Indicators:

Sudden network interface disappearance
Unexpected system reboots

SIEM Query:

source="kernel" AND ("NULL pointer dereference" OR "bnxt_hwrm_set_coal" OR "kernel panic")

📊 Metadata

CVE ID: CVE-2022-49869

CVSS v3 Score: 5.5 (MEDIUM)

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE: CWE-476

EPSS Score: 0.02% exploit probability (5.7th percentile)

Published: May 1, 2025

Last Updated: October 1, 2025

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2022-49869, you might also want to check these: