fkie_cve-2022-49339
Vulnerability from fkie_nvd
Published
2025-02-26 07:01
Modified
2025-02-26 07:01
Severity ?
Summary
In the Linux kernel, the following vulnerability has been resolved: net: ipv6: unexport __init-annotated seg6_hmac_init() EXPORT_SYMBOL and __init is a bad combination because the .init.text section is freed up after the initialization. Hence, modules cannot use symbols annotated __init. The access to a freed symbol may end up with kernel panic. modpost used to detect it, but it has been broken for a decade. Recently, I fixed modpost so it started to warn it again, then this showed up in linux-next builds. There are two ways to fix it: - Remove __init - Remove EXPORT_SYMBOL I chose the latter for this case because the caller (net/ipv6/seg6.c) and the callee (net/ipv6/seg6_hmac.c) belong to the same module. It seems an internal function call in ipv6.ko.
References
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/1084716f76c8045eadf92a9d9a62641f3c8d8c90
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/317260b3eb6384a05a8af212308fa50f3b2e8290
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/3e6de5037148c5a93a436b1e8d2edad3dac11755
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/5801f064e35181c71857a80ff18af4dbec3c5f5c
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/5d9c1b081ad28c852a97e10dd75412546497694a
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/64aef8efe96c1616142c4476a05731306fc4494e
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/9ba4416b831eeb4d185e88e73488d1d21288e63a
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/ab8b2c2de273ec1d698a18e399896a6febb5cda0
Impacted products
Vendor Product Version


To clipboard 

{
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ipv6: unexport __init-annotated seg6_hmac_init()\n\nEXPORT_SYMBOL and __init is a bad combination because the .init.text\nsection is freed up after the initialization. Hence, modules cannot\nuse symbols annotated __init. The access to a freed symbol may end up\nwith kernel panic.\n\nmodpost used to detect it, but it has been broken for a decade.\n\nRecently, I fixed modpost so it started to warn it again, then this\nshowed up in linux-next builds.\n\nThere are two ways to fix it:\n\n  - Remove __init\n  - Remove EXPORT_SYMBOL\n\nI chose the latter for this case because the caller (net/ipv6/seg6.c)\nand the callee (net/ipv6/seg6_hmac.c) belong to the same module.\nIt seems an internal function call in ipv6.ko."
    },
    {
      "lang": "es",
      "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net: ipv6: unexport __init-annotated seg6_hmac_init() EXPORT_SYMBOL y __init es una mala combinaci\u00f3n porque la secci\u00f3n .init.text se libera despu\u00e9s de la inicializaci\u00f3n. Por lo tanto, los m\u00f3dulos no pueden usar s\u00edmbolos anotados __init. El acceso a un s\u00edmbolo liberado puede terminar con un p\u00e1nico del kernel. modpost sol\u00eda detectarlo, pero ha estado roto durante una d\u00e9cada. Recientemente, arregl\u00e9 modpost para que comenzara a advertirlo nuevamente, luego esto apareci\u00f3 en las compilaciones de linux-next. Hay dos formas de solucionarlo: - Eliminar __init - Eliminar EXPORT_SYMBOL Eleg\u00ed esto \u00faltimo para este caso porque el llamador (net/ipv6/seg6.c) y el llamador (net/ipv6/seg6_hmac.c) pertenecen al mismo m\u00f3dulo. Parece una llamada de funci\u00f3n interna en ipv6.ko."
    }
  ],
  "id": "CVE-2022-49339",
  "lastModified": "2025-02-26T07:01:10.657",
  "metrics": {},
  "published": "2025-02-26T07:01:10.657",
  "references": [
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/1084716f76c8045eadf92a9d9a62641f3c8d8c90"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/317260b3eb6384a05a8af212308fa50f3b2e8290"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/3e6de5037148c5a93a436b1e8d2edad3dac11755"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/5801f064e35181c71857a80ff18af4dbec3c5f5c"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/5d9c1b081ad28c852a97e10dd75412546497694a"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/64aef8efe96c1616142c4476a05731306fc4494e"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/9ba4416b831eeb4d185e88e73488d1d21288e63a"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/ab8b2c2de273ec1d698a18e399896a6febb5cda0"
    }
  ],
  "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
  "vulnStatus": "Awaiting Analysis"
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.