CVE-2022-49098
26.02.2025, 07:00
In the Linux kernel, the following vulnerability has been resolved:
Drivers: hv: vmbus: Fix potential crash on module unload
The vmbus driver relies on the panic notifier infrastructure to perform
some operations when a panic event is detected. Since vmbus can be built
as module, it is required that the driver handles both registering and
unregistering such panic notifier callback.
After commit 74347a99e73a ("x86/Hyper-V: Unload vmbus channel in hv panic callback")
though, the panic notifier registration is done unconditionally in the module
initialization routine whereas the unregistering procedure is conditionally
guarded and executes only if HV_FEATURE_GUEST_CRASH_MSR_AVAILABLE capability
is set.
This patch fixes that by unconditionally unregistering the panic notifier
in the module's exit routine as well.Enginsight| Vendor | Product | Version |
|---|---|---|
| linux | linux_kernel | 4.19.118 ≤ 𝑥 < 4.19.238 |
| linux | linux_kernel | 5.4.35 ≤ 𝑥 < 5.4.189 |
| linux | linux_kernel | 5.6.7 ≤ 𝑥 < 5.7 |
| linux | linux_kernel | 5.7.1 ≤ 𝑥 < 5.10.111 |
| linux | linux_kernel | 5.11 ≤ 𝑥 < 5.15.34 |
| linux | linux_kernel | 5.16 ≤ 𝑥 < 5.16.20 |
| linux | linux_kernel | 5.17 ≤ 𝑥 < 5.17.3 |
| linux | linux_kernel | 5.7 |
| linux | linux_kernel | 5.7:rc2 |
| linux | linux_kernel | 5.7:rc3 |
| linux | linux_kernel | 5.7:rc4 |
| linux | linux_kernel | 5.7:rc5 |
| linux | linux_kernel | 5.7:rc6 |
| linux | linux_kernel | 5.7:rc7 |
| linux | linux_kernel | 5.18:rc1 |
𝑥
= Vulnerable software versions
Debian Releases
References