vulnerability
Ubuntu: (CVE-2022-49905): linux vulnerability
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:L/AC:L/Au:S/C:N/I:N/A:C) | May 1, 2025 | May 8, 2025 | Apr 16, 2026 |
Description
In the Linux kernel, the following vulnerability has been resolved:
net/smc: Fix possible leaked pernet namespace in smc_init()
In smc_init(), register_pernet_subsys(&smc_net_stat_ops) is called
without any error handling.
If it fails, registering of &smc_net_ops won't be reverted.
And if smc_nl_init() fails, &smc_net_stat_ops itself won't be reverted.
This leaves wild ops in subsystem linkedlist and when another module
tries to call register_pernet_operations() it triggers page fault:
BUG: unable to handle page fault for address: fffffbfff81b964c
RIP: 0010:register_pernet_operations+0x1b9/0x5f0
Call Trace:
<TASK>
register_pernet_subsys+0x29/0x40
ebtables_init+0x58/0x1000 [ebtables]
...
Solutions
References
- CVE-2022-49905
- https://attackerkb.com/topics/CVE-2022-49905
- CWE-401
- EUVD-EUVD-2025-12873
- https://euvd.enisa.europa.eu/vulnerability/EUVD-2025-12873
- https://git.kernel.org/linus/62ff373da2534534c55debe6c724c7fe14adb97f
- https://git.kernel.org/stable/c/61defd6450a9ef4a1487090449999b0fd83518ef
- https://git.kernel.org/stable/c/62ff373da2534534c55debe6c724c7fe14adb97f
- https://git.kernel.org/stable/c/c97daf836f7caf81d3144b8cd2b2a51f9bc3bd09
- https://www.cve.org/CVERecord?id=CVE-2022-49905
2026 Global Threat Landscape Report
The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.