{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2022-49098", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2025-02-26T01:49:39.250Z", "datePublished": "2025-02-26T01:54:50.073Z", "dateUpdated": "2025-05-04T12:44:17.900Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-05-04T12:44:17.900Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nDrivers: hv: vmbus: Fix potential crash on module unload\n\nThe vmbus driver relies on the panic notifier infrastructure to perform\nsome operations when a panic event is detected. Since vmbus can be built\nas module, it is required that the driver handles both registering and\nunregistering such panic notifier callback.\n\nAfter commit 74347a99e73a (\"x86/Hyper-V: Unload vmbus channel in hv panic callback\")\nthough, the panic notifier registration is done unconditionally in the module\ninitialization routine whereas the unregistering procedure is conditionally\nguarded and executes only if HV_FEATURE_GUEST_CRASH_MSR_AVAILABLE capability\nis set.\n\nThis patch fixes that by unconditionally unregistering the panic notifier\nin the module's exit routine as well."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/hv/vmbus_drv.c"], "versions": [{"version": "5e059fc0f054309036d3f612bc8b0a502ca58545", "lessThan": "6b4c0149a56147b29169e07000d566162892722a", "status": "affected", "versionType": "git"}, {"version": "9f38f7b46de0747c1909e8c557aa21715dce20c5", "lessThan": "2133c422a103cf7c7768c37b9ac382e73b691892", "status": "affected", "versionType": "git"}, {"version": "74347a99e73ae00b8385f1209aaea193c670f901", "lessThan": "cf580d2e3884dbafd6b90269b03a24d661578624", "status": "affected", "versionType": "git"}, {"version": "74347a99e73ae00b8385f1209aaea193c670f901", "lessThan": "dcd6b1a624c0ffa21034d8b1e02e9d068458f596", "status": "affected", "versionType": "git"}, {"version": "74347a99e73ae00b8385f1209aaea193c670f901", "lessThan": "5ea98d0f5f035c1bcf1517ccec0e024ae35a48b2", "status": "affected", "versionType": "git"}, {"version": "74347a99e73ae00b8385f1209aaea193c670f901", "lessThan": "3d0078f8bddd58d9bb1ad40bbe929f8633abb276", "status": "affected", "versionType": "git"}, {"version": "74347a99e73ae00b8385f1209aaea193c670f901", "lessThan": "792f232d57ff28bbd5f9c4abe0466b23d5879dc8", "status": "affected", "versionType": "git"}, {"version": "caeeb3787167c884b955404a7e669fd77f267e44", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/hv/vmbus_drv.c"], "versions": [{"version": "5.7", "status": "affected"}, {"version": "0", "lessThan": "5.7", "status": "unaffected", "versionType": "semver"}, {"version": "4.19.238", "lessThanOrEqual": "4.19.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.4.189", "lessThanOrEqual": "5.4.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.10.111", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.15.34", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.16.20", "lessThanOrEqual": "5.16.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.17.3", "lessThanOrEqual": "5.17.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.18", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.19.118", "versionEndExcluding": "4.19.238"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.4.35", "versionEndExcluding": "5.4.189"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.7", "versionEndExcluding": "5.10.111"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.7", "versionEndExcluding": "5.15.34"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.7", "versionEndExcluding": "5.16.20"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.7", "versionEndExcluding": "5.17.3"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.7", "versionEndExcluding": "5.18"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.6.7"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/6b4c0149a56147b29169e07000d566162892722a"}, {"url": "https://git.kernel.org/stable/c/2133c422a103cf7c7768c37b9ac382e73b691892"}, {"url": "https://git.kernel.org/stable/c/cf580d2e3884dbafd6b90269b03a24d661578624"}, {"url": "https://git.kernel.org/stable/c/dcd6b1a624c0ffa21034d8b1e02e9d068458f596"}, {"url": "https://git.kernel.org/stable/c/5ea98d0f5f035c1bcf1517ccec0e024ae35a48b2"}, {"url": "https://git.kernel.org/stable/c/3d0078f8bddd58d9bb1ad40bbe929f8633abb276"}, {"url": "https://git.kernel.org/stable/c/792f232d57ff28bbd5f9c4abe0466b23d5879dc8"}], "title": "Drivers: hv: vmbus: Fix potential crash on module unload", "x_generator": {"engine": "bippy-1.2.0"}}}}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "C3BCE692-0D48-4D71-9D2B-5678311DB6DB", "versionEndExcluding": "4.19.238", "versionStartIncluding": "4.19.118", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "11898558-0482-4131-82FF-3F34C815F86D", "versionEndExcluding": "5.4.189", "versionStartIncluding": "5.4.35", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "30A44027-1F59-4AF5-B227-86E61A43A865", "versionEndExcluding": "5.7", "versionStartIncluding": "5.6.7", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "2946F997-F721-4DFF-BAAD-91F3EA5F1B61", "versionEndExcluding": "5.10.111", "versionStartIncluding": "5.7.1", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "D25878D3-7761-4E9F-8919-E92CD53896E0", "versionEndExcluding": "5.15.34", "versionStartIncluding": "5.11", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "ABBBA66E-0244-4621-966B-9790AF1EEB00", "versionEndExcluding": "5.16.20", "versionStartIncluding": "5.16", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "AE420AC7-1E59-4398-B84F-71F4B4337762", "versionEndExcluding": "5.17.3", "versionStartIncluding": "5.17", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:5.7:-:*:*:*:*:*:*", "matchCriteriaId": "3D23CE42-BDB2-4216-8495-230ABE98FCDD", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:5.7:rc2:*:*:*:*:*:*", "matchCriteriaId": "2AAE09B2-58C0-42B8-ACDA-578904723270", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:5.7:rc3:*:*:*:*:*:*", "matchCriteriaId": "59EEFC0E-2E5A-4113-A58D-2EE2CC7CFA3B", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:5.7:rc4:*:*:*:*:*:*", "matchCriteriaId": "3CC0A9A2-D528-49AA-AB7F-37C5EA7AB76D", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:5.7:rc5:*:*:*:*:*:*", "matchCriteriaId": "512FF86F-0B8C-4DEB-9041-8BD384DD2E58", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:5.7:rc6:*:*:*:*:*:*", "matchCriteriaId": "F1AB4A11-C03C-4ABB-B596-0EB3B0F1A8DF", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:5.7:rc7:*:*:*:*:*:*", "matchCriteriaId": "9D26AE9C-D49F-4FE9-8A6A-5A7199B7436E", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:5.18:rc1:*:*:*:*:*:*", "matchCriteriaId": "6AD94161-84BB-42E6-9882-4FC0C42E9FC1", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nDrivers: hv: vmbus: Fix potential crash on module unload\n\nThe vmbus driver relies on the panic notifier infrastructure to perform\nsome operations when a panic event is detected. Since vmbus can be built\nas module, it is required that the driver handles both registering and\nunregistering such panic notifier callback.\n\nAfter commit 74347a99e73a (\"x86/Hyper-V: Unload vmbus channel in hv panic callback\")\nthough, the panic notifier registration is done unconditionally in the module\ninitialization routine whereas the unregistering procedure is conditionally\nguarded and executes only if HV_FEATURE_GUEST_CRASH_MSR_AVAILABLE capability\nis set.\n\nThis patch fixes that by unconditionally unregistering the panic notifier\nin the module's exit routine as well."}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: Controladores: hv: vmbus: corrige un posible fallo al descargar un m\u00f3dulo El controlador vmbus depende de la infraestructura del notificador de p\u00e1nico para realizar algunas operaciones cuando se detecta un evento de p\u00e1nico. Dado que vmbus se puede crear como un m\u00f3dulo, se requiere que el controlador controle tanto el registro como la anulaci\u00f3n del registro de dicha devoluci\u00f3n de llamada del notificador de p\u00e1nico. Sin embargo, despu\u00e9s de el commit 74347a99e73a (\"x86/Hyper-V: Descargar canal vmbus en la devoluci\u00f3n de llamada de p\u00e1nico hv\"), el registro del notificador de p\u00e1nico se realiza de forma incondicional en la rutina de inicializaci\u00f3n del m\u00f3dulo, mientras que el procedimiento de anulaci\u00f3n del registro se protege de forma condicional y se ejecuta solo si se establece la capacidad HV_FEATURE_GUEST_CRASH_MSR_AVAILABLE. Este parche corrige eso anulando incondicionalmente el registro del notificador de p\u00e1nico tambi\u00e9n en la rutina de salida del m\u00f3dulo."}], "id": "CVE-2022-49098", "lastModified": "2025-10-14T20:04:11.550", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2025-02-26T07:00:47.247", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/2133c422a103cf7c7768c37b9ac382e73b691892"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/3d0078f8bddd58d9bb1ad40bbe929f8633abb276"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/5ea98d0f5f035c1bcf1517ccec0e024ae35a48b2"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/6b4c0149a56147b29169e07000d566162892722a"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/792f232d57ff28bbd5f9c4abe0466b23d5879dc8"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/cf580d2e3884dbafd6b90269b03a24d661578624"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/dcd6b1a624c0ffa21034d8b1e02e9d068458f596"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "kernel: Drivers: hv: vmbus: Fix potential crash on module unload", "id": "2348148", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2348148"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.5", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "status": "draft"}, "details": ["In the Linux kernel, the following vulnerability has been resolved:\nDrivers: hv: vmbus: Fix potential crash on module unload\nThe vmbus driver relies on the panic notifier infrastructure to perform\nsome operations when a panic event is detected. Since vmbus can be built\nas module, it is required that the driver handles both registering and\nunregistering such panic notifier callback.\nAfter commit 74347a99e73a (\"x86/Hyper-V: Unload vmbus channel in hv panic callback\")\nthough, the panic notifier registration is done unconditionally in the module\ninitialization routine whereas the unregistering procedure is conditionally\nguarded and executes only if HV_FEATURE_GUEST_CRASH_MSR_AVAILABLE capability\nis set.\nThis patch fixes that by unconditionally unregistering the panic notifier\nin the module's exit routine as well."], "name": "CVE-2022-49098", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2025-02-26T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2022-49098\nhttps://nvd.nist.gov/vuln/detail/CVE-2022-49098\nhttps://lore.kernel.org/linux-cve-announce/2025022600-CVE-2022-49098-9755@gregkh/T"], "threat_severity": "Moderate"}

{"created": "2025-07-12T22:01:00.766144+00:00", "updated": "2025-07-12T22:01:00.766224+00:00", "vendors": ["linux", "linux$PRODUCT$linux_kernel"]}