CVE-2022-49339
Published: Feb 26, 2025
Modified: May 11, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: net: ipv6: unexport __init-annotated seg6_hmac_init() EXPORT_SYMBOL and __init is a bad combination because the .init.text section is freed up after the initialization. Hence, modules cannot use symbols annotated __init. The access to a freed symbol may end up with kernel panic. modpost used to detect it, but it has been broken for a decade. Recently, I fixed modpost so it started to warn it again, then this showed up in linux-next builds. There are two ways to fix it: - Remove __init - Remove EXPORT_SYMBOL I chose the latter for this case because the caller (net/ipv6/seg6.c) and the callee (net/ipv6/seg6_hmac.c) belong to the same module. It seems an internal function call in ipv6.ko.
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected bf355b8d2c30a289232042cacc1cfaea4923936c - < 64aef8efe96c1616142c4476a05731306fc4494eaffected bf355b8d2c30a289232042cacc1cfaea4923936c - < ab8b2c2de273ec1d698a18e399896a6febb5cda0affected bf355b8d2c30a289232042cacc1cfaea4923936c - < 317260b3eb6384a05a8af212308fa50f3b2e8290affected bf355b8d2c30a289232042cacc1cfaea4923936c - < 5d9c1b081ad28c852a97e10dd75412546497694aaffected bf355b8d2c30a289232042cacc1cfaea4923936c - < 1084716f76c8045eadf92a9d9a62641f3c8d8c90+3 more versions |
Linux | Linux | affected 4.10unaffected 0 - < 4.10unaffected 4.14.283 - <= 4.14.*unaffected 4.19.247 - <= 4.19.*unaffected 5.4.198 - <= 5.4.*+5 more versions |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now