CVE-2022-49928: Linux Kernel SUNRPC Null-Pointer Dereference Vulnerability Fix

In the Linux kernel, a vulnerability has been resolved related to the SUNRPC (Secure User Name Remote Procedure Call) protocol. The vulnerability is identified as CVE-2022-49928 and is classified as a null-pointer dereference issue, which could potentially allow an attacker to crash the system or compromise its security.

Details

The vulnerability occurs when the xps sysfs alloc fails. When this happens, there is a null-ptr-deref that can lead to issues like the following:

BUG: KASAN: null-ptr-deref in sysfs_do_create_link_sd+x40/xd
Read of size 8 at addr 000000000000003 by task gssproxy/457

CPU: 5 PID: 457 Comm: gssproxy Not tainted 6..-09040-g02357b27ee03 #9
Call Trace:
 <TASK>
 dump_stack_lvl+x34/x44
 kasan_report+xa3/x120
 sysfs_do_create_link_sd+x40/xd
 rpc_sysfs_client_setup+x161/x1b
 rpc_new_client+x3fc/x6e
 rpc_create_xprt+x71/x220
 rpc_create+x1d4/x350
 gssp_rpc_create+xc3/x160
 set_gssp_clnt+xbc/x140
 write_gssp+x116/x1a
 proc_reg_write+xd6/x130
 vfs_write+x177/x690
 ksys_write+xb9/x150
 do_syscall_64+x35/x80
 entry_SYSCALL_64_after_hwframe+x46/xb

This issue is caused by not properly handling the case where the xprt_switch sysfs alloc failed, leading to adding xprt and switch sysfs to it even though it should not be done. This can result in null-ptr-deref and other issues. To fix this vulnerability, the 'xps_sysfs' variable should be initialized to NULL to avoid oops when destroying it.

References

1. Linux Kernel CVE-2022-49928 Patch Documentation
2. SUNRPC Protocol Specification

Exploit Details

There are currently no known exploits targeting this vulnerability. However, it is important to keep your Linux kernel updated to the latest version to avoid potential security issues. The fix for CVE-2022-49928 has been applied in the Linux kernel version 6.., so it is recommended to update to this version or newer to ensure your system is protected.

Conclusion

The CVE-2022-49928 vulnerability in the Linux kernel has been resolved, addressing a null-pointer dereference issue in the SUNRPC protocol. It is essential to keep your Linux kernel updated to the latest version to avoid potential security breaches and maintain the overall stability of your system.

Timeline

Published on: 05/01/2025 15:16:18 UTC
Last modified on: 05/07/2025 13:28:44 UTC