CVE-2022-48628

Summary

CVE-2022-48628 is a vulnerability affecting the Linux kernel that was resolved in a recent update. This issue occurs during the unmounting process of Ceph file systems. When unmounting, the kernel fails to wait for acknowledgments from MDSs before releasing the last reference of i_count, resulting in skipped inodes. If encryption is enabled, the kernel generates a warning when removing encrypt keys, which can lead to a CPU warning and potential system crash. Specifically, the vulnerability allows an attacker to skip inodes during the unmounting process, which can later cause the kernel to crash when attempting to release the encryption keys. The vulnerability was discovered during the generic_shutdown_super() function call, which ultimately led to the release of sb->s_master_keys before they should have been, causing the iput() function to dereference a released pointer and resulting in a kernel crash.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.