CVE-2022-49390

Summary

CVE-2022-49390 is a use-after-free vulnerability affecting the Linux kernel's macsec module. This issue arises when creating a new macsec device without properly obtaining a reference to real_dev. As a result, real_dev may not be freed, leading to memory being accessed after it has been freed. This can trigger a use-after-free bug, specifically in the macsec_get_iflink function. The calling stack includes functions such as rtnl_create_link, veth_newlink, and netdev_run_todo. The vulnerability was discovered after committing faab339f63c1f ("net: allow out-of-order netdev unregistration") and e5f80fcf869a ("ipv6: give an IPv6 dev to blackhole_netdev"). To resolve this issue, developers can add dev_hold_track() in macsec_dev_init() and dev_put_track() in macsec_free_netdev().

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.