CVE-2022-49357

Source
https://nvd.nist.gov/vuln/detail/CVE-2022-49357
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-49357.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2022-49357
Related
Published
2025-02-26T07:01:12Z
Modified
2025-02-26T19:03:03.084535Z
Summary
[none]
Details

In the Linux kernel, the following vulnerability has been resolved:

efi: Do not import certificates from UEFI Secure Boot for T2 Macs

On Apple T2 Macs, when Linux attempts to read the db and dbx efi variables at early boot to load UEFI Secure Boot certificates, a page fault occurs in Apple firmware code and EFI runtime services are disabled with the following logs:

WARNING: CPU: 3 PID: 104 at arch/x86/platform/efi/quirks.c:735 eficrashgracefullyonpagefault+0x50/0xf0 (Removed some logs from here) Call Trace: <TASK> pagefaultoops+0x4f/0x2c0 ? searchbpfextables+0x6b/0x80 ? searchmoduleextables+0x50/0x80 ? searchexceptiontables+0x5b/0x60 kernelmodefixuporoops+0x9e/0x110 _badareanosemaphore+0x155/0x190 badareanosemaphore+0x16/0x20 dokernaddrfault+0x8c/0xa0 excpagefault+0xd8/0x180 asmexcpagefault+0x1e/0x30 (Removed some logs from here) ? _eficall+0x28/0x30 ? switchmm+0x20/0x30 ? eficallrts+0x19a/0x8e0 ? processonework+0x222/0x3f0 ? workerthread+0x4a/0x3d0 ? kthread+0x17a/0x1a0 ? processonework+0x3f0/0x3f0 ? setkthreadstruct+0x40/0x40 ? retfromfork+0x22/0x30 </TASK> ---[ end trace 1f82023595a5927f ]--- efi: Froze efirts_wq and disabled EFI Runtime Services integrity: Couldn't get size: 0x8000000000000015 integrity: MODSIGN: Couldn't get UEFI db list efi: EFI Runtime Services are disabled! integrity: Couldn't get size: 0x8000000000000015 integrity: Couldn't get UEFI dbx list integrity: Couldn't get size: 0x8000000000000015 integrity: Couldn't get mokx list integrity: Couldn't get size: 0x80000000

So we avoid reading these UEFI variables and thus prevent the crash.

References

Affected packages

Debian:11 / linux

Package

Name
linux
Purl
pkg:deb/debian/linux?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.10.127-1

Affected versions

5.*

5.10.46-4
5.10.46-5
5.10.70-1~bpo10+1
5.10.70-1
5.10.84-1
5.10.92-1~bpo10+1
5.10.92-1
5.10.92-2
5.10.103-1~bpo10+1
5.10.103-1
5.10.106-1
5.10.113-1
5.10.120-1~bpo10+1
5.10.120-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / linux

Package

Name
linux
Purl
pkg:deb/debian/linux?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.18.5-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / linux

Package

Name
linux
Purl
pkg:deb/debian/linux?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.18.5-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}