In the Linux kernel, the following vulnerability has been resolved:
Drivers: hv: vmbus: Fix potential crash on module unload
The vmbus driver relies on the panic notifier infrastructure to perform some operations when a panic event is detected. Since vmbus can be built as module, it is required that the driver handles both registering and unregistering such panic notifier callback.
After commit 74347a99e73a ("x86/Hyper-V: Unload vmbus channel in hv panic callback") though, the panic notifier registration is done unconditionally in the module initialization routine whereas the unregistering procedure is conditionally guarded and executes only if HVFEATUREGUESTCRASHMSR_AVAILABLE capability is set.
This patch fixes that by unconditionally unregistering the panic notifier in the module's exit routine as well.
[ { "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@792f232d57ff28bbd5f9c4abe0466b23d5879dc8", "target": { "function": "vmbus_exit", "file": "drivers/hv/vmbus_drv.c" }, "digest": { "function_hash": "313088270075617638820510741628041229300", "length": 920.0 }, "deprecated": false, "signature_version": "v1", "signature_type": "Function", "id": "CVE-2022-49098-0559d9fe" }, { "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@cf580d2e3884dbafd6b90269b03a24d661578624", "target": { "function": "vmbus_exit", "file": "drivers/hv/vmbus_drv.c" }, "digest": { "function_hash": "71975903837808138723562739940906738688", "length": 821.0 }, "deprecated": false, "signature_version": "v1", "signature_type": "Function", "id": "CVE-2022-49098-071f8b9c" }, { "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@3d0078f8bddd58d9bb1ad40bbe929f8633abb276", "target": { "file": "drivers/hv/vmbus_drv.c" }, "digest": { "line_hashes": [ "245244433453977667235390921468310594266", "275592704635034662183553430300043957279", "258246390129657511283581842161351234584", "300920349881741467187788785901155802861", "1134161143894490755409117153080048303", "314091623164970999162586515416412353580" ], "threshold": 0.9 }, "deprecated": false, "signature_version": "v1", "signature_type": "Line", "id": "CVE-2022-49098-2ace286b" }, { "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@2133c422a103cf7c7768c37b9ac382e73b691892", "target": { "function": "vmbus_exit", "file": "drivers/hv/vmbus_drv.c" }, "digest": { "function_hash": "337172522046515015191429706793769528227", "length": 763.0 }, "deprecated": false, "signature_version": "v1", "signature_type": "Function", "id": "CVE-2022-49098-40fb727b" }, { "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@2133c422a103cf7c7768c37b9ac382e73b691892", "target": { "file": "drivers/hv/vmbus_drv.c" }, "digest": { "line_hashes": [ "245244433453977667235390921468310594266", "275592704635034662183553430300043957279", "258246390129657511283581842161351234584", "300920349881741467187788785901155802861", "1134161143894490755409117153080048303", "314091623164970999162586515416412353580" ], "threshold": 0.9 }, "deprecated": false, "signature_version": "v1", "signature_type": "Line", "id": "CVE-2022-49098-453ab0c0" }, { "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@3d0078f8bddd58d9bb1ad40bbe929f8633abb276", "target": { "function": "vmbus_exit", "file": "drivers/hv/vmbus_drv.c" }, "digest": { "function_hash": "313088270075617638820510741628041229300", "length": 920.0 }, "deprecated": false, "signature_version": "v1", "signature_type": "Function", "id": "CVE-2022-49098-46b7c771" }, { "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@792f232d57ff28bbd5f9c4abe0466b23d5879dc8", "target": { "file": "drivers/hv/vmbus_drv.c" }, "digest": { "line_hashes": [ "245244433453977667235390921468310594266", "275592704635034662183553430300043957279", "258246390129657511283581842161351234584", "300920349881741467187788785901155802861", "1134161143894490755409117153080048303", "314091623164970999162586515416412353580" ], "threshold": 0.9 }, "deprecated": false, "signature_version": "v1", "signature_type": "Line", "id": "CVE-2022-49098-4e263f3f" }, { "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@5ea98d0f5f035c1bcf1517ccec0e024ae35a48b2", "target": { "file": "drivers/hv/vmbus_drv.c" }, "digest": { "line_hashes": [ "245244433453977667235390921468310594266", "275592704635034662183553430300043957279", "258246390129657511283581842161351234584", "300920349881741467187788785901155802861", "1134161143894490755409117153080048303", "314091623164970999162586515416412353580" ], "threshold": 0.9 }, "deprecated": false, "signature_version": "v1", "signature_type": "Line", "id": "CVE-2022-49098-711fefcc" }, { "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@6b4c0149a56147b29169e07000d566162892722a", "target": { "file": "drivers/hv/vmbus_drv.c" }, "digest": { "line_hashes": [ "245244433453977667235390921468310594266", "275592704635034662183553430300043957279", "258246390129657511283581842161351234584", "300920349881741467187788785901155802861", "1134161143894490755409117153080048303", "314091623164970999162586515416412353580" ], "threshold": 0.9 }, "deprecated": false, "signature_version": "v1", "signature_type": "Line", "id": "CVE-2022-49098-83c10cb0" }, { "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@dcd6b1a624c0ffa21034d8b1e02e9d068458f596", "target": { "file": "drivers/hv/vmbus_drv.c" }, "digest": { "line_hashes": [ "245244433453977667235390921468310594266", "275592704635034662183553430300043957279", "258246390129657511283581842161351234584", "300920349881741467187788785901155802861", "1134161143894490755409117153080048303", "314091623164970999162586515416412353580" ], "threshold": 0.9 }, "deprecated": false, "signature_version": "v1", "signature_type": "Line", "id": "CVE-2022-49098-8867d61f" }, { "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@dcd6b1a624c0ffa21034d8b1e02e9d068458f596", "target": { "function": "vmbus_exit", "file": "drivers/hv/vmbus_drv.c" }, "digest": { "function_hash": "313088270075617638820510741628041229300", "length": 920.0 }, "deprecated": false, "signature_version": "v1", "signature_type": "Function", "id": "CVE-2022-49098-9c9a834e" }, { "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@cf580d2e3884dbafd6b90269b03a24d661578624", "target": { "file": "drivers/hv/vmbus_drv.c" }, "digest": { "line_hashes": [ "245244433453977667235390921468310594266", "275592704635034662183553430300043957279", "258246390129657511283581842161351234584", "300920349881741467187788785901155802861", "1134161143894490755409117153080048303", "314091623164970999162586515416412353580" ], "threshold": 0.9 }, "deprecated": false, "signature_version": "v1", "signature_type": "Line", "id": "CVE-2022-49098-bb563909" }, { "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@5ea98d0f5f035c1bcf1517ccec0e024ae35a48b2", "target": { "function": "vmbus_exit", "file": "drivers/hv/vmbus_drv.c" }, "digest": { "function_hash": "313088270075617638820510741628041229300", "length": 920.0 }, "deprecated": false, "signature_version": "v1", "signature_type": "Function", "id": "CVE-2022-49098-d95d6990" }, { "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@6b4c0149a56147b29169e07000d566162892722a", "target": { "function": "vmbus_exit", "file": "drivers/hv/vmbus_drv.c" }, "digest": { "function_hash": "189602706115821989720522249195743716710", "length": 725.0 }, "deprecated": false, "signature_version": "v1", "signature_type": "Function", "id": "CVE-2022-49098-e4bfbc7f" } ]