CVE-2022-49180
Published: Feb 26, 2025
Modified: May 11, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: LSM: general protection fault in legacy_parse_param The usual LSM hook "bail on fail" scheme doesn't work for cases where a security module may return an error code indicating that it does not recognize an input. In this particular case Smack sees a mount option that it recognizes, and returns 0. A call to a BPF hook follows, which returns -ENOPARAM, which confuses the caller because Smack has processed its data. The SELinux hook incorrectly returns 1 on success. There was a time when this was correct, however the current expectation is that it return 0 on success. This is repaired.
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected da2441fdffbf7602da702aea5bd95ca4dc3d63fc - < ddcdda888e14ca451b3ee83d11b65b2a9c8e783baffected da2441fdffbf7602da702aea5bd95ca4dc3d63fc - < 2784604c8c6fc523248f8f80a421c313a9d790b7affected da2441fdffbf7602da702aea5bd95ca4dc3d63fc - < f3f93a1aaafc3032e0a9655fb43deccfb3e953a3affected da2441fdffbf7602da702aea5bd95ca4dc3d63fc - < 00fc07fa0b4a004711b6e1a944f0d2e46f7093b7affected da2441fdffbf7602da702aea5bd95ca4dc3d63fc - < cadae7c5e477aaafcba819b8e4a3d1c1a1503b62+1 more versions |
Linux | Linux | affected 5.1unaffected 0 - < 5.1unaffected 5.4.189 - <= 5.4.*unaffected 5.10.110 - <= 5.10.*unaffected 5.15.33 - <= 5.15.*+3 more versions |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now