Login Sign Up

CVE-2022-49990

7.8 HIGH
Denial of Service

📋 TL;DR

This CVE describes a double-free vulnerability in the Linux kernel on s390 architecture that occurs when the fork() system call fails. The vulnerability allows attackers to potentially crash the kernel or execute arbitrary code with kernel privileges. It affects Linux systems running on IBM s390/s390x architecture.

💻 Affected Systems

Products:
  • Linux Kernel
Versions: Specific s390 kernel versions before the fix commits (check git references for exact ranges)
Operating Systems: Linux distributions running on IBM s390/s390x architecture
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects s390/s390x architecture. Requires CONFIG_S390_FACILITIES and either CONFIG_GUARDED_STORAGE or CONFIG_RUNTIME_INSTRUMENTATION to be vulnerable.

📦 What is this software?

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Kernel panic leading to denial of service, or potential privilege escalation to kernel-level code execution allowing complete system compromise.

🟠

Likely Case

Kernel crash/panic causing system instability or denial of service, particularly under high system load or during process creation failures.

🟢

If Mitigated

System remains stable with no impact if patched or if fork() operations don't fail during the vulnerable window.

🌐 Internet-Facing: LOW - Requires local access to trigger fork() system call failures.
🏢 Internal Only: MEDIUM - Local users or processes could potentially exploit this to crash the kernel or escalate privileges.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: HIGH

Exploitation requires local access and ability to trigger fork() failures at specific timing. Discovered through trinity syscall fuzzing tests.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Kernel versions containing commits: 13cccafe0edcd03bf1c841de8ab8a1c8e34f77d9, 25a95303b9e513cd2978aacc385d06e6fec23d07, 297ae7e87a87a001dd3dfeac1cb26a42fd929708, 8195e065abf3df84eb0ad2987e76a40f21d1791c, cacd522e6652fbc2dc0cc6ae11c4e30782fef14b

Vendor Advisory: https://git.kernel.org/stable/c/13cccafe0edcd03bf1c841de8ab8a1c8e34f77d9

Restart Required: Yes

Instructions:

1. Update Linux kernel to patched version from your distribution vendor. 2. For custom kernels, apply the relevant git commits. 3. Reboot system to load new kernel.

🔧 Temporary Workarounds

Disable vulnerable kernel features

linux

Disable guarded storage or runtime instrumentation features if not required

Rebuild kernel with CONFIG_GUARDED_STORAGE=n and/or CONFIG_RUNTIME_INSTRUMENTATION=n

🧯 If You Can't Patch

  • Restrict local user access to s390 systems
  • Monitor for kernel panic/crash events and implement high availability solutions

🔍 How to Verify

Check if Vulnerable:

Check kernel version and architecture: uname -a, and verify if running on s390/s390x with vulnerable kernel versions

Check Version:

uname -r

Verify Fix Applied:

Verify kernel version includes the fix commits: grep -r '13cccafe0edcd03bf1c841de8ab8a1c8e34f77d9' /boot/config-* or check kernel source

📡 Detection & Monitoring

Log Indicators:

  • Kernel panic messages
  • BUG_ON() errors in dmesg
  • KASAN splat reports
  • System crashes during process creation

Network Indicators:

  • None - local vulnerability only

SIEM Query:

search 'kernel panic' OR 'BUG:' OR 'double free' in system logs on s390 hosts

📊 Metadata

CVE ID: CVE-2022-49990
CVSS v3 Score: 7.8 (HIGH)
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE: CWE-415
EPSS Score: 0.02% exploit probability (3.7th percentile)
Published: June 18, 2025
Last Updated: November 14, 2025

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2022-49990, you might also want to check these:

CVE-2020-35885 9.8

This vulnerability in the alpm-rs Rust crate allows double-free memory corruption due to improper de...

Same vulnerability type (CWE-415)
CVE-2021-29940 9.8

This vulnerability in the Rust 'through' crate allows double-free memory corruption when the map fun...

Same vulnerability type (CWE-415)
CVE-2023-49937 9.8

This CVE describes a double-free vulnerability in SchedMD Slurm workload manager that allows attacke...

Same vulnerability type (CWE-415)