5.5

CVE-2022-49098

EPSS 0.01%
Veröffentlicht 26.02.2025 07:00:47
Zuletzt bearbeitet 14.10.2025 20:04:11
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Unerledigt
Login

Drivers: hv: vmbus: Fix potential crash on module unload

In the Linux kernel, the following vulnerability has been resolved:

Drivers: hv: vmbus: Fix potential crash on module unload

The vmbus driver relies on the panic notifier infrastructure to perform
some operations when a panic event is detected. Since vmbus can be built
as module, it is required that the driver handles both registering and
unregistering such panic notifier callback.

After commit 74347a99e73a ("x86/Hyper-V: Unload vmbus channel in hv panic callback")
though, the panic notifier registration is done unconditionally in the module
initialization routine whereas the unregistering procedure is conditionally
guarded and executes only if HV_FEATURE_GUEST_CRASH_MSR_AVAILABLE capability
is set.

This patch fixes that by unconditionally unregistering the panic notifier
in the module's exit routine as well.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 10

NVD 15 VulnDex Vulnerability Enrichment 8

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Linux ≫ Linux Kernel Version >= 4.19.118 < 4.19.238

Linux ≫ Linux Kernel Version >= 5.4.35 < 5.4.189

Linux ≫ Linux Kernel Version >= 5.6.7 < 5.7

Linux ≫ Linux Kernel Version >= 5.7.1 < 5.10.111

Linux ≫ Linux Kernel Version >= 5.11 < 5.15.34

Linux ≫ Linux Kernel Version >= 5.16 < 5.16.20

Linux ≫ Linux Kernel Version >= 5.17 < 5.17.3

Linux ≫ Linux Kernel Version5.7 Update-

Linux ≫ Linux Kernel Version5.7 Updaterc2

Linux ≫ Linux Kernel Version5.7 Updaterc3

Linux ≫ Linux Kernel Version5.7 Updaterc4

Linux ≫ Linux Kernel Version5.7 Updaterc5

Linux ≫ Linux Kernel Version5.7 Updaterc6

Linux ≫ Linux Kernel Version5.7 Updaterc7

Linux ≫ Linux Kernel Version5.18 Updaterc1

VulnDex Vulnerability Enrichment

Diese Information steht angemeldeten Benutzern zur Verfügung.

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.01%	0.009

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	5.5	1.8	3.6	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Es wurden noch keine Informationen zu CWE veröffentlicht.

https://git.kernel.org/stable/c/2133c422a103cf7c7768c37b9ac382e73b691892

Patch

https://git.kernel.org/stable/c/3d0078f8bddd58d9bb1ad40bbe929f8633abb276

Patch

https://git.kernel.org/stable/c/5ea98d0f5f035c1bcf1517ccec0e024ae35a48b2

Patch

https://git.kernel.org/stable/c/6b4c0149a56147b29169e07000d566162892722a

Patch

https://git.kernel.org/stable/c/792f232d57ff28bbd5f9c4abe0466b23d5879dc8

Patch

https://git.kernel.org/stable/c/cf580d2e3884dbafd6b90269b03a24d661578624

Patch

https://git.kernel.org/stable/c/dcd6b1a624c0ffa21034d8b1e02e9d068458f596

Patch

https://nvd.nist.gov/vuln/detail/CVE-2022-49098

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2022-49098

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2022-49098

EUVD