CVE-2022-49984
📋 TL;DR
A NULL pointer dereference in the Linux kernel's HID Steam driver (hid-steam) lets a malicious USB device that does not submit the required Feature Reports crash the kernel. It affects Linux systems that load the Steam controller HID driver and can cause a denial of service.
💻 Affected Systems
- Linux kernel HID Steam driver
📦 What is this software?
Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →
⚠️ Risk & Real-World Impact
Worst Case
Kernel panic leading to system crash and denial of service, requiring physical or remote reboot.
Likely Case
System crash or instability when connecting malicious USB devices, requiring reboot to recover.
If Mitigated
No impact with a patched kernel; unpatched systems may crash only when a specifically crafted malicious USB device is connected.
🎯 Exploit Status
Exploitation requires physical access to connect a USB device, or USB-over-IP capability, together with a specifically crafted device.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Fixed in kernel commits: 989560b6d9e00d99e07bc33067fa1c770994bf4d, c20d03b82a2e3ddbb555dad4d4f3374a9763222c, cd11d1a6114bd4bc6450ae59f6e110ec47362126, dc815761948ab5b8c94db6cb53c95103588f16ae, dee1e51b54794e90763e70a3c78f27ba4fa930ec
Vendor Advisory: https://git.kernel.org/stable/c/989560b6d9e00d99e07bc33067fa1c770994bf4d
Restart Required: Yes
Instructions:
1. Update the Linux kernel to a version containing the fix commits.
2. Check distribution security advisories for the specific patched versions.
3. Reboot the system after the kernel update.
🔧 Temporary Workarounds
Disable Steam HID driver
Prevent loading of the vulnerable Steam HID driver module:
echo 'blacklist hid-steam' >> /etc/modprobe.d/blacklist-steam.conf
rmmod hid-steam
Restrict USB device access
Use USB device authorization policies to prevent unauthorized USB devices:
Configure udev rules or USBGuard policies.
🧯 If You Can't Patch
- Implement strict physical security controls to prevent unauthorized USB device connections
- Disable USB ports or use USB port lockdown on critical systems
🔍 How to Verify
Check if Vulnerable:
Check the kernel version and whether the hid-steam module is loaded:
lsmod | grep hid-steam
Check Version:
uname -r
Verify Fix Applied:
Check kernel version against distribution security advisory; verify hid-steam module loads without crashes
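The two workaround steps above (blacklist the module, unload it) and the verification step (is hid-steam loaded?) can be checked together. The following shell script is an added example, not part of the advisory or the kernel project: it reads a modules list in the format of /proc/modules (what lsmod reads) and a modprobe.d-style directory, so it can be run against the constructed copies it builds itself or, on a live host, against /proc/modules and /etc/modprobe.d. The sample module lines and the `demo` function are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the advisory): report the state of the hid-steam
# workaround. Both inspection functions take the file/directory to read as an
# argument so they can be exercised offline on constructed data.

# module_loaded MODULES_FILE MODULE
#   Returns 0 if MODULE is listed in MODULES_FILE (the /proc/modules format,
#   one module per line, name in the first field). /proc/modules spells names
#   with underscores, so a dash in the requested name is normalised first.
module_loaded() {
    modules_file=$1
    name=$(printf '%s' "$2" | tr '-' '_')
    awk -v m="$name" '$1 == m { found = 1 } END { exit !found }' "$modules_file"
}

# module_blacklisted CONF_DIR MODULE
#   Returns 0 if any *.conf file in CONF_DIR has an uncommented
#   "blacklist MODULE" line, accepting both spellings of the module name.
module_blacklisted() {
    conf_dir=$1
    name=$2
    alt=$(printf '%s' "$name" | tr '-' '_')
    grep -hsE "^[[:space:]]*blacklist[[:space:]]+(${name}|${alt})([[:space:]]|$)" \
        "$conf_dir"/*.conf >/dev/null 2>&1
}

# hid_steam_status MODULES_FILE CONF_DIR
#   Prints one word summarising the workaround state:
#     loaded       - module is resident: rmmod (or the kernel update) still needed
#     blacklisted  - not loaded and blacklisted: workaround fully applied
#     available    - not loaded now, but nothing stops it autoloading on hotplug
hid_steam_status() {
    if module_loaded "$1" hid-steam; then
        echo loaded
    elif module_blacklisted "$2" hid-steam; then
        echo blacklisted
    else
        echo available
    fi
}

# Constructed stand-ins for /proc/modules and /etc/modprobe.d (sample data,
# not captured from a real host).
demo() {
    tmp=$(mktemp -d)
    printf 'hid_steam 28672 0 - Live 0x0000000000000000\nusbhid 65536 0 - Live 0x0000000000000000\n' > "$tmp/modules"
    mkdir "$tmp/modprobe.d"
    echo "before workaround: $(hid_steam_status "$tmp/modules" "$tmp/modprobe.d")"
    # Apply the advisory's two workaround steps to the constructed copy.
    echo 'blacklist hid-steam' >> "$tmp/modprobe.d/blacklist-steam.conf"
    printf 'usbhid 65536 0 - Live 0x0000000000000000\n' > "$tmp/modules"   # as after rmmod
    echo "after workaround:  $(hid_steam_status "$tmp/modules" "$tmp/modprobe.d")"
    rm -rf "$tmp"
}

demo
```

On a live system call `hid_steam_status /proc/modules /etc/modprobe.d` as root. Note that a `blacklist` line only stops alias-based autoloading when a matching device is plugged in; an explicit `modprobe hid-steam` still succeeds, so the "blacklisted" state is a hotplug guard, not a substitute for the kernel update.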
📡 Detection & Monitoring
Log Indicators:
- Kernel panic messages in /var/log/kern.log or dmesg
- NULL pointer dereference errors related to hid-steam
Network Indicators:
- USB-over-IP connections to vulnerable systems
SIEM Query:
Search for kernel panic events or hid-steam module errors in system logs
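The log indicators above rarely sit on one line: a kernel oops prints the "BUG: kernel NULL pointer dereference" header first and names the faulting module (as `[hid_steam]`) only in the RIP and call-trace lines that follow. The script below is an added example, not part of the advisory, showing how to correlate the two across a window of lines so that an unrelated panic or a normal hid-steam probe message is not counted. The log lines it processes are constructed for illustration; the function and symbol names in them are placeholders, not real hid-steam symbols.

```shell
#!/bin/sh
# Added example (not from the advisory): count oops/panic events in a kernel
# log that are attributable to hid-steam. Pass a saved dmesg, journalctl -k
# or /var/log/kern.log file as the first argument.

# count_hid_steam_oops LOGFILE [WINDOW]
#   A "BUG: kernel NULL pointer dereference" / "Unable to handle kernel NULL
#   pointer dereference" line opens a new event. "Oops:" and "Kernel panic"
#   lines that fall inside an open event extend it rather than starting a new
#   one. The event is attributed to hid-steam if a hid[-_]steam reference
#   appears within WINDOW lines (default 40, enough for the RIP and call-trace
#   block of a typical oops). Each event is counted at most once.
count_hid_steam_oops() {
    window=${2:-40}
    awk -v w="$window" '
        /BUG: kernel NULL pointer dereference|Unable to handle kernel NULL pointer dereference/ {
            open = NR; attributed = 0
        }
        /Oops:|Kernel panic/ {
            if (open && NR - open <= w) { open = NR }          # continuation of the current event
            else { open = NR; attributed = 0 }                 # panic without a preceding BUG line
        }
        open && NR - open <= w && !attributed && /hid[-_]steam/ {
            count++; attributed = 1
        }
        END { print count + 0 }
    ' "$1"
}

# Constructed sample log: one oops inside hid_steam, one in another module,
# plus a benign hid-steam probe message before either crash. Symbol names,
# device ids and timestamps are placeholders, not captured output.
demo() {
    f=$(mktemp)
    cat > "$f" <<'EOF'
[  512.104] usb 1-2: new full-speed USB device number 5 using xhci_hcd
[  512.301] hid-steam 0003:0000:0000.0005: constructed probe message
[  513.007] BUG: kernel NULL pointer dereference, address: 0000000000000000
[  513.008] Oops: 0000 [#1] SMP
[  513.009] RIP: 0010:steam_placeholder_fn+0x0/0x0 [hid_steam]
[  513.010] Call Trace:
[  513.011]  steam_placeholder_fn2+0x0/0x0 [hid_steam]
[  513.012] Kernel panic - not syncing: Fatal exception
[  600.000] BUG: kernel NULL pointer dereference, address: 0000000000000008
[  600.001] RIP: 0010:other_placeholder_fn+0x0/0x0 [other_mod]
EOF
    echo "hid-steam oops events: $(count_hid_steam_oops "$f")"
    rm -f "$f"
}

demo
```

On a live host, `dmesg > /tmp/kern.txt` (or `journalctl -k > /tmp/kern.txt`) followed by `count_hid_steam_oops /tmp/kern.txt` gives the count a SIEM rule should alert on; any value above zero on a system that still loads hid-steam is worth investigating alongside the USB hotplug events that precede it.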
🔗 References
- https://git.kernel.org/stable/c/989560b6d9e00d99e07bc33067fa1c770994bf4d
- https://git.kernel.org/stable/c/c20d03b82a2e3ddbb555dad4d4f3374a9763222c
- https://git.kernel.org/stable/c/cd11d1a6114bd4bc6450ae59f6e110ec47362126
- https://git.kernel.org/stable/c/dc815761948ab5b8c94db6cb53c95103588f16ae
- https://git.kernel.org/stable/c/dee1e51b54794e90763e70a3c78f27ba4fa930ec
- https://git.kernel.org/stable/c/fa2b822d86be5b5ad54fe4fa2daca464e71ff90a