CVE-2022-49065
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2022-49065
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-49065.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2022-49065
- Downstream
- Related
- Published
- 2025-02-26T01:54:33.881Z
- Modified
- 2025-11-19T13:42:41.199373Z
- Severity
-
- 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- SUNRPC: Fix the svc_deferred_event trace class
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
SUNRPC: Fix the svcdeferredevent trace class
Fix a NULL deref crash that occurs when an svcrqst is deferred while the sunrpc tracing subsystem is enabled. svcrevisit() sets dr->xprt to NULL, so it can't be relied upon in the tracepoint to provide the remote's address.
Unfortunately we can't revert the "svcdeferredclass" hunk in commit ece200ddd54b ("sunrpc: Save remote presentation address in svc_xprt for trace events") because there is now a specific check of event format specifiers for unsafe dereferences. The warning that check emits is:
event svcdeferrecv has unsafe dereference of argument 1
A "%pISpc" format specifier with a "struct sockaddr *" is indeed flagged by this check.
Instead, take the brute-force approach used by the svcrdmaqperror tracepoint. Convert the dr::addr field into a presentation address in the TPfastassign() arm of the trace event, and store that as a string. This fix can be backported to -stable kernels.
In the meantime, commit c6ced22997ad ("tracing: Update print fmt check to handle new _getsockaddr() macro") is now in v5.18, so this wonky fix can be replaced with __sockaddr() and friends properly during the v5.19 merge window.
- References
-
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- https://git.kernel.org/stable/c/4d5004451ab2218eab94a30e1841462c9316ba19
- https://git.kernel.org/stable/c/726ae7300fcc25fefa46d188cc07eb16dc908f9e
- https://git.kernel.org/stable/c/85ee17ca21cf92989e8c923e3ea4514c291e9d38
- https://git.kernel.org/stable/c/c2456f470eea3bd06574d988bf6089e7c3f4c5cc
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introducedece200ddd54b9ce840cfee554fb812560c545c7dFixed85ee17ca21cf92989e8c923e3ea4514c291e9d38
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introducedece200ddd54b9ce840cfee554fb812560c545c7dFixed726ae7300fcc25fefa46d188cc07eb16dc908f9e
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introducedece200ddd54b9ce840cfee554fb812560c545c7dFixedc2456f470eea3bd06574d988bf6089e7c3f4c5cc
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introducedece200ddd54b9ce840cfee554fb812560c545c7dFixed4d5004451ab2218eab94a30e1841462c9316ba19
Affected versions
v4.*
v4.16
v4.16-rc3
v4.16-rc4
v4.16-rc5
v4.16-rc6
v4.16-rc7
v4.17
v4.17-rc1
v4.17-rc2
v4.17-rc3
v4.17-rc4
v4.17-rc5
v4.17-rc6
v4.17-rc7
v4.18
v4.18-rc1
v4.18-rc2
v4.18-rc3
v4.18-rc4
v4.18-rc5
v4.18-rc6
v4.18-rc7
v4.18-rc8
v4.19
v4.19-rc1
v4.19-rc2
v4.19-rc3
v4.19-rc4
v4.19-rc5
v4.19-rc6
v4.19-rc7
v4.19-rc8
v4.20
v4.20-rc1
v4.20-rc2
v4.20-rc3
v4.20-rc4
v4.20-rc5
v4.20-rc6
v4.20-rc7
v5.*
v5.0
v5.0-rc1
v5.0-rc2
v5.0-rc3
v5.0-rc4
v5.0-rc5
v5.0-rc6
v5.0-rc7
v5.0-rc8
v5.1
v5.1-rc1
v5.1-rc2
v5.1-rc3
v5.1-rc4
v5.1-rc5
v5.1-rc6
v5.1-rc7
v5.10
v5.10-rc1
v5.10-rc2
v5.10-rc3
v5.10-rc4
v5.10-rc5
v5.10-rc6
v5.10-rc7
v5.10.1
v5.10.10
v5.10.100
v5.10.101
v5.10.102
v5.10.103
v5.10.104
v5.10.105
v5.10.106
v5.10.107
v5.10.108
v5.10.109
v5.10.11
v5.10.110
v5.10.111
v5.10.12
v5.10.13
v5.10.14
v5.10.15
v5.10.16
v5.10.17
v5.10.18
v5.10.19
v5.10.2
v5.10.20
v5.10.21
v5.10.22
v5.10.23
v5.10.24
v5.10.25
v5.10.26
v5.10.27
v5.10.28
v5.10.29
v5.10.3
v5.10.30
v5.10.31
v5.10.32
v5.10.33
v5.10.34
v5.10.35
v5.10.36
v5.10.37
v5.10.38
v5.10.39
v5.10.4
v5.10.40
v5.10.41
v5.10.42
v5.10.43
v5.10.44
v5.10.45
v5.10.46
v5.10.47
v5.10.48
v5.10.49
v5.10.5
v5.10.50
v5.10.51
v5.10.52
v5.10.53
v5.10.54
v5.10.55
v5.10.56
v5.10.57
v5.10.58
v5.10.59
v5.10.6
v5.10.60
v5.10.61
v5.10.62
v5.10.63
v5.10.64
v5.10.65
v5.10.66
v5.10.67
v5.10.68
v5.10.69
v5.10.7
v5.10.70
v5.10.71
v5.10.72
v5.10.73
v5.10.74
v5.10.75
v5.10.76
v5.10.77
v5.10.78
v5.10.79
v5.10.8
v5.10.80
v5.10.81
v5.10.82
v5.10.83
v5.10.84
v5.10.85
v5.10.86
v5.10.87
v5.10.88
v5.10.89
v5.10.9
v5.10.90
v5.10.91
v5.10.92
v5.10.93
v5.10.94
v5.10.95
v5.10.96
v5.10.97
v5.10.98
v5.10.99
v5.11
v5.11-rc1
v5.11-rc2
v5.11-rc3
v5.11-rc4
v5.11-rc5
v5.11-rc6
v5.11-rc7
v5.12
v5.12-rc1
v5.12-rc1-dontuse
v5.12-rc2
v5.12-rc3
v5.12-rc4
v5.12-rc5
v5.12-rc6
v5.12-rc7
v5.12-rc8
v5.13
v5.13-rc1
v5.13-rc2
v5.13-rc3
v5.13-rc4
v5.13-rc5
v5.13-rc6
v5.13-rc7
v5.14
v5.14-rc1
v5.14-rc2
v5.14-rc3
v5.14-rc4
v5.14-rc5
v5.14-rc6
v5.14-rc7
v5.15
v5.15-rc1
v5.15-rc2
v5.15-rc3
v5.15-rc4
v5.15-rc5
v5.15-rc6
v5.15-rc7
v5.15.1
v5.15.10
v5.15.11
v5.15.12
v5.15.13
v5.15.14
v5.15.15
v5.15.16
v5.15.17
v5.15.18
v5.15.19
v5.15.2
v5.15.20
v5.15.21
v5.15.22
v5.15.23
v5.15.24
v5.15.25
v5.15.26
v5.15.27
v5.15.28
v5.15.29
v5.15.3
v5.15.30
v5.15.31
v5.15.32
v5.15.33
v5.15.34
v5.15.4
v5.15.5
v5.15.6
v5.15.7
v5.15.8
v5.15.9
v5.16
v5.16-rc1
v5.16-rc2
v5.16-rc3
v5.16-rc4
v5.16-rc5
v5.16-rc6
v5.16-rc7
v5.16-rc8
v5.17
v5.17-rc1
v5.17-rc2
v5.17-rc3
v5.17-rc4
v5.17-rc5
v5.17-rc6
v5.17-rc7
v5.17-rc8
v5.17.1
v5.17.2
v5.17.3
v5.2
v5.2-rc1
v5.2-rc2
v5.2-rc3
v5.2-rc4
v5.2-rc5
v5.2-rc6
v5.2-rc7
v5.3
v5.3-rc1
v5.3-rc2
v5.3-rc3
v5.3-rc4
v5.3-rc5
v5.3-rc6
v5.3-rc7
v5.3-rc8
v5.4
v5.4-rc1
v5.4-rc2
v5.4-rc3
v5.4-rc4
v5.4-rc5
v5.4-rc6
v5.4-rc7
v5.4-rc8
v5.5
v5.5-rc1
v5.5-rc2
v5.5-rc3
v5.5-rc4
v5.5-rc5
v5.5-rc6
v5.5-rc7
v5.6
v5.6-rc1
v5.6-rc2
v5.6-rc3
v5.6-rc4
v5.6-rc5
v5.6-rc6
v5.6-rc7
v5.7
v5.7-rc1
v5.7-rc2
v5.7-rc3
v5.7-rc4
v5.7-rc5
v5.7-rc6
v5.7-rc7
v5.8
v5.8-rc1
v5.8-rc2
v5.8-rc3
v5.8-rc4
v5.8-rc5
v5.8-rc6
v5.8-rc7
v5.9
v5.9-rc1
v5.9-rc2
v5.9-rc3
v5.9-rc4
v5.9-rc5
v5.9-rc6
v5.9-rc7
v5.9-rc8
Database specific
vanir_signatures
[
{
"deprecated": false,
"signature_version": "v1",
"digest": {
"threshold": 0.9,
"line_hashes": [
"232301691699402778148912450757498143077",
"138409690777657293823623092391885526700",
"111316608626827112071038583002230653121",
"272720709998832231774865528885570728623",
"91128787613826689631160914955198034713",
"83418773842587607890552404162388882239",
"296867925984444808536868388188474221203",
"288807345215715837021988498597020936918",
"224872090108156150077127407793721117279",
"325392820138788770517921780411734849753",
"31007753048599855219991518928836715015",
"125553297693008364587805322378426277160"
]
},
"id": "CVE-2022-49065-23f9555a",
"signature_type": "Line",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@726ae7300fcc25fefa46d188cc07eb16dc908f9e",
"target": {
"file": "include/trace/events/sunrpc.h"
}
},
{
"deprecated": false,
"signature_version": "v1",
"digest": {
"threshold": 0.9,
"line_hashes": [
"232301691699402778148912450757498143077",
"138409690777657293823623092391885526700",
"111316608626827112071038583002230653121",
"272720709998832231774865528885570728623",
"91128787613826689631160914955198034713",
"83418773842587607890552404162388882239",
"296867925984444808536868388188474221203",
"288807345215715837021988498597020936918",
"224872090108156150077127407793721117279",
"325392820138788770517921780411734849753",
"31007753048599855219991518928836715015",
"125553297693008364587805322378426277160"
]
},
"id": "CVE-2022-49065-3c524ded",
"signature_type": "Line",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@4d5004451ab2218eab94a30e1841462c9316ba19",
"target": {
"file": "include/trace/events/sunrpc.h"
}
},
{
"deprecated": false,
"signature_version": "v1",
"digest": {
"threshold": 0.9,
"line_hashes": [
"232301691699402778148912450757498143077",
"138409690777657293823623092391885526700",
"111316608626827112071038583002230653121",
"272720709998832231774865528885570728623",
"91128787613826689631160914955198034713",
"83418773842587607890552404162388882239",
"296867925984444808536868388188474221203",
"288807345215715837021988498597020936918",
"224872090108156150077127407793721117279",
"325392820138788770517921780411734849753",
"31007753048599855219991518928836715015",
"125553297693008364587805322378426277160"
]
},
"id": "CVE-2022-49065-8889a23d",
"signature_type": "Line",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@c2456f470eea3bd06574d988bf6089e7c3f4c5cc",
"target": {
"file": "include/trace/events/sunrpc.h"
}
},
{
"deprecated": false,
"signature_version": "v1",
"digest": {
"threshold": 0.9,
"line_hashes": [
"232301691699402778148912450757498143077",
"138409690777657293823623092391885526700",
"111316608626827112071038583002230653121",
"272720709998832231774865528885570728623",
"91128787613826689631160914955198034713",
"83418773842587607890552404162388882239",
"296867925984444808536868388188474221203",
"288807345215715837021988498597020936918",
"224872090108156150077127407793721117279",
"325392820138788770517921780411734849753",
"31007753048599855219991518928836715015",
"125553297693008364587805322378426277160"
]
},
"id": "CVE-2022-49065-9f02b75b",
"signature_type": "Line",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@85ee17ca21cf92989e8c923e3ea4514c291e9d38",
"target": {
"file": "include/trace/events/sunrpc.h"
}
}
]