CVE-2022-49127
- Source
- https://cve.org/CVERecord?id=CVE-2022-49127
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-49127.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2022-49127
- Downstream
- Published
- 2025-02-26T01:55:04.643Z
- Modified
- 2026-03-10T06:13:39.797049Z
- Severity
-
- 7.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- ref_tracker: implement use-after-free detection
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
ref_tracker: implement use-after-free detection
Whenever reftrackerdirinit() is called, mark the struct reftracker_dir as dead.
Test the dead status from reftrackeralloc() and reftrackerfree()
This should detect buggy devput()/devhold() happening too late in netdevice dismantle process.
- Database specific
{ "cna_assigner": "Linux", "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/49xxx/CVE-2022-49127.json" }- References
-
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- https://git.kernel.org/stable/c/3743c9de303fa36c2e2ca2522ab280c52bcafbd2
- https://git.kernel.org/stable/c/e3ececfe668facd87d920b608349a32607060e66
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/49xxx/CVE-2022-49127.json
- https://nvd.nist.gov/vuln/detail/CVE-2022-49127
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced4e66934eaadc83b27ada8d42b60894018f3bfabfFixed3743c9de303fa36c2e2ca2522ab280c52bcafbd2Fixede3ececfe668facd87d920b608349a32607060e66
Affected versions
v5.*
v5.16
v5.16-rc4
v5.16-rc5
v5.16-rc6
v5.16-rc7
v5.16-rc8
v5.17
v5.17-rc1
v5.17-rc2
v5.17-rc3
v5.17-rc4
v5.17-rc5
v5.17-rc6
v5.17-rc7
v5.17-rc8
v5.17.1
v5.17.2
Database specific
source
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-49127.json"
vanir_signatures
[
{
"signature_version": "v1",
"signature_type": "Line",
"target": {
"file": "include/linux/ref_tracker.h"
},
"deprecated": false,
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@3743c9de303fa36c2e2ca2522ab280c52bcafbd2",
"digest": {
"line_hashes": [
"91244770138668947819841620019570565648",
"100209318224815166029599425209099639201",
"115389790689657731257834346378345584050",
"67655556263552851270379346967881521061",
"21668387911000239889087072778525852763",
"210452557402132451279979631305590073748",
"167222549670566091809171546047568795342",
"334907172223365168383610553136689210090"
],
"threshold": 0.9
},
"id": "CVE-2022-49127-12cb302b"
},
{
"signature_version": "v1",
"signature_type": "Function",
"target": {
"file": "lib/ref_tracker.c",
"function": "ref_tracker_alloc"
},
"deprecated": false,
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@3743c9de303fa36c2e2ca2522ab280c52bcafbd2",
"digest": {
"length": 738.0,
"function_hash": "148252295059274426566970765012476149268"
},
"id": "CVE-2022-49127-14851335"
},
{
"signature_version": "v1",
"signature_type": "Function",
"target": {
"file": "lib/ref_tracker.c",
"function": "ref_tracker_dir_exit"
},
"deprecated": false,
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@3743c9de303fa36c2e2ca2522ab280c52bcafbd2",
"digest": {
"length": 639.0,
"function_hash": "243353422121804046810467003815481165717"
},
"id": "CVE-2022-49127-1724263b"
},
{
"signature_version": "v1",
"signature_type": "Function",
"target": {
"file": "lib/ref_tracker.c",
"function": "ref_tracker_dir_exit"
},
"deprecated": false,
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@e3ececfe668facd87d920b608349a32607060e66",
"digest": {
"length": 639.0,
"function_hash": "243353422121804046810467003815481165717"
},
"id": "CVE-2022-49127-1f7bf746"
},
{
"signature_version": "v1",
"signature_type": "Function",
"target": {
"file": "lib/ref_tracker.c",
"function": "ref_tracker_free"
},
"deprecated": false,
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@3743c9de303fa36c2e2ca2522ab280c52bcafbd2",
"digest": {
"length": 1133.0,
"function_hash": "112649470600871158022840867828449628211"
},
"id": "CVE-2022-49127-46ec9bdc"
},
{
"signature_version": "v1",
"signature_type": "Function",
"target": {
"file": "include/linux/ref_tracker.h",
"function": "ref_tracker_dir_init"
},
"deprecated": false,
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@e3ececfe668facd87d920b608349a32607060e66",
"digest": {
"length": 263.0,
"function_hash": "182679242684263097370843094418298509253"
},
"id": "CVE-2022-49127-64b0d892"
},
{
"signature_version": "v1",
"signature_type": "Line",
"target": {
"file": "include/linux/ref_tracker.h"
},
"deprecated": false,
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@e3ececfe668facd87d920b608349a32607060e66",
"digest": {
"line_hashes": [
"91244770138668947819841620019570565648",
"100209318224815166029599425209099639201",
"115389790689657731257834346378345584050",
"67655556263552851270379346967881521061",
"21668387911000239889087072778525852763",
"210452557402132451279979631305590073748",
"167222549670566091809171546047568795342",
"334907172223365168383610553136689210090"
],
"threshold": 0.9
},
"id": "CVE-2022-49127-683f4c8a"
},
{
"signature_version": "v1",
"signature_type": "Function",
"target": {
"file": "lib/ref_tracker.c",
"function": "ref_tracker_free"
},
"deprecated": false,
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@e3ececfe668facd87d920b608349a32607060e66",
"digest": {
"length": 1133.0,
"function_hash": "112649470600871158022840867828449628211"
},
"id": "CVE-2022-49127-850e096c"
},
{
"signature_version": "v1",
"signature_type": "Line",
"target": {
"file": "lib/ref_tracker.c"
},
"deprecated": false,
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@e3ececfe668facd87d920b608349a32607060e66",
"digest": {
"line_hashes": [
"263493077110747515851657060248575252797",
"328296714946629197250825612469380840949",
"237553821653884453423595077911499550428",
"234918053898666453769021588743568292429",
"15619889350667951309279410926470733777",
"105492262192888624601122009977018575663",
"303440621195072542513105838234948749001",
"212745164055341145204064634626225705952",
"319401701070952057587253712334338377854"
],
"threshold": 0.9
},
"id": "CVE-2022-49127-af6c7232"
},
{
"signature_version": "v1",
"signature_type": "Line",
"target": {
"file": "lib/ref_tracker.c"
},
"deprecated": false,
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@3743c9de303fa36c2e2ca2522ab280c52bcafbd2",
"digest": {
"line_hashes": [
"263493077110747515851657060248575252797",
"328296714946629197250825612469380840949",
"237553821653884453423595077911499550428",
"234918053898666453769021588743568292429",
"15619889350667951309279410926470733777",
"105492262192888624601122009977018575663",
"303440621195072542513105838234948749001",
"212745164055341145204064634626225705952",
"319401701070952057587253712334338377854"
],
"threshold": 0.9
},
"id": "CVE-2022-49127-baa22bab"
},
{
"signature_version": "v1",
"signature_type": "Function",
"target": {
"file": "include/linux/ref_tracker.h",
"function": "ref_tracker_dir_init"
},
"deprecated": false,
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@3743c9de303fa36c2e2ca2522ab280c52bcafbd2",
"digest": {
"length": 263.0,
"function_hash": "182679242684263097370843094418298509253"
},
"id": "CVE-2022-49127-cc1ade09"
},
{
"signature_version": "v1",
"signature_type": "Function",
"target": {
"file": "lib/ref_tracker.c",
"function": "ref_tracker_alloc"
},
"deprecated": false,
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@e3ececfe668facd87d920b608349a32607060e66",
"digest": {
"length": 738.0,
"function_hash": "148252295059274426566970765012476149268"
},
"id": "CVE-2022-49127-f9b4b7ed"
}
]