CVE-2022-49726

26.02.2025, 07:01

In the Linux kernel, the following vulnerability has been resolved:

clocksource: hyper-v: unexport __init-annotated hv_init_clocksource()

EXPORT_SYMBOL and __init is a bad combination because the .init.text
section is freed up after the initialization. Hence, modules cannot
use symbols annotated __init. The access to a freed symbol may end up
with kernel panic.

modpost used to detect it, but it has been broken for a decade.

Recently, I fixed modpost so it started to warn it again, then this
showed up in linux-next builds.

There are two ways to fix it:

  - Remove __init
  - Remove EXPORT_SYMBOL

I chose the latter for this case because the only in-tree call-site,
arch/x86/kernel/cpu/mshyperv.c is never compiled as modular.
(CONFIG_HYPERVISOR_GUEST is boolean)

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	UNKNOWN				---
Linux	CNA	---				---

Awaiting analysis

This vulnerability is currently awaiting analysis.

Base Score

CVSS 3.x

EPSS Score

Percentile: 7%

Debian Releases

Debian Product

Codename

linux

bullseye	5.10.223-1 fixed
bullseye (security)	5.10.234-1 fixed
bookworm	6.1.123-1 fixed
bookworm (security)	6.1.128-1 fixed
trixie	6.12.12-1 fixed
sid	6.12.16-1 fixed

References

https://git.kernel.org/stable/c/0414eab7c78f3518143d383e448d44fc573ac6d2

https://git.kernel.org/stable/c/245b993d8f6c4e25f19191edfbd8080b645e12b1

https://git.kernel.org/stable/c/937fcbb55a1e48a6422e87e8f49422c92265f102

https://git.kernel.org/stable/c/cff3a7ce6e81418b6e8bac941779bbf5d342d626

https://git.kernel.org/stable/c/db965e2757d95f695e606856418cd84003dd036d