logo_clicknbuy.png

CVE-2022-49918 – Linux Kernel ipvs proc_entry Double Free

The following table lists the changes that have been made to the
CVE-2022-49918 vulnerability over time.

Vulnerability history details can be useful for understanding the evolution
of a vulnerability, and for identifying the most recent changes that may
impact the vulnerability’s severity, exploitability, or other characteristics.

  • New CVE Received
    by 416baaa9-dc9f-4396-8d5f-8c081fb06d67

    May. 01, 2025

    Action Type Old Value New Value
    Added Description In the Linux kernel, the following vulnerability has been resolved:

    ipvs: fix WARNING in __ip_vs_cleanup_batch()

    During the initialization of ip_vs_conn_net_init(), if file ip_vs_conn
    or ip_vs_conn_sync fails to be created, the initialization is successful
    by default. Therefore, the ip_vs_conn or ip_vs_conn_sync file doesn’t
    be found during the remove.

    The following is the stack information:
    name ‘ip_vs_conn_sync’
    WARNING: CPU: 3 PID: 9 at fs/proc/generic.c:712
    remove_proc_entry+0x389/0x460
    Modules linked in:
    Workqueue: netns cleanup_net
    RIP: 0010:remove_proc_entry+0x389/0x460
    Call Trace:

    __ip_vs_cleanup_batch+0x7d/0x120
    ops_exit_list+0x125/0x170
    cleanup_net+0x4ea/0xb00
    process_one_work+0x9bf/0x1710
    worker_thread+0x665/0x1080
    kthread+0x2e4/0x3a0
    ret_from_fork+0x1f/0x30

    Added Reference https://git.kernel.org/stable/c/3d00c6a0da8ddcf75213e004765e4a42acc71d5d
    Added Reference https://git.kernel.org/stable/c/5ee2d6b726b0ce339e36569e5849692f4cf4595e
    Added Reference https://git.kernel.org/stable/c/7effc4ce3d1434ce6ff286866585a6e905fdbfc1
    Added Reference https://git.kernel.org/stable/c/931f56d59c854263b32075bfac56fdb3b1598d1b
    Added Reference https://git.kernel.org/stable/c/e724220b826e008764309d2a1f55a9434a4e1530
    Added Reference https://git.kernel.org/stable/c/f08ee2aa24c076f81d84e26e213d8c6f4efd9f50
Share the Post:

Related Posts