CVE-2022-49688
26.02.2025, 07:01
In the Linux kernel, the following vulnerability has been resolved:
afs: Fix dynamic root getattr
The recent patch to make afs_getattr consult the server didn't account
for the pseudo-inodes employed by the dynamic root-type afs superblock
not having a volume or a server to access, and thus an oops occurs if
such a directory is stat'd.
Fix this by checking to see if the vnode->volume pointer actually points
anywhere before following it in afs_getattr().
This can be tested by stat'ing a directory in /afs. It may be
sufficient just to do "ls /afs" and the oops looks something like:
BUG: kernel NULL pointer dereference, address: 0000000000000020
...
RIP: 0010:afs_getattr+0x8b/0x14b
...
Call Trace:
<TASK>
vfs_statx+0x79/0xf5
vfs_fstatat+0x49/0x62Enginsight| Vendor | Product | Version |
|---|---|---|
| linux | linux_kernel | 4.19.245 ≤ 𝑥 < 4.19.250 |
| linux | linux_kernel | 5.4.196 ≤ 𝑥 < 5.4.202 |
| linux | linux_kernel | 5.10.118 ≤ 𝑥 < 5.10.127 |
| linux | linux_kernel | 5.15.42 ≤ 𝑥 < 5.15.51 |
| linux | linux_kernel | 5.17.10 ≤ 𝑥 < 5.18 |
| linux | linux_kernel | 5.18.1 ≤ 𝑥 < 5.18.8 |
| linux | linux_kernel | 5.18 |
| linux | linux_kernel | 5.19:rc1 |
| linux | linux_kernel | 5.19:rc2 |
| linux | linux_kernel | 5.19:rc3 |
𝑥
= Vulnerable software versions
Debian Releases
Common Weakness Enumeration
References