CVE-2022-49726
Published: Feb 26, 2025
Modified: May 11, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: clocksource: hyper-v: unexport __init-annotated hv_init_clocksource() EXPORT_SYMBOL and __init is a bad combination because the .init.text section is freed up after the initialization. Hence, modules cannot use symbols annotated __init. The access to a freed symbol may end up with kernel panic. modpost used to detect it, but it has been broken for a decade. Recently, I fixed modpost so it started to warn it again, then this showed up in linux-next builds. There are two ways to fix it: - Remove __init - Remove EXPORT_SYMBOL I chose the latter for this case because the only in-tree call-site, arch/x86/kernel/cpu/mshyperv.c is never compiled as modular. (CONFIG_HYPERVISOR_GUEST is boolean)
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected dd2cb348613b44f9d948b068775e159aad298599 - < cff3a7ce6e81418b6e8bac941779bbf5d342d626affected dd2cb348613b44f9d948b068775e159aad298599 - < db965e2757d95f695e606856418cd84003dd036daffected dd2cb348613b44f9d948b068775e159aad298599 - < 0414eab7c78f3518143d383e448d44fc573ac6d2affected dd2cb348613b44f9d948b068775e159aad298599 - < 937fcbb55a1e48a6422e87e8f49422c92265f102affected dd2cb348613b44f9d948b068775e159aad298599 - < 245b993d8f6c4e25f19191edfbd8080b645e12b1 |
Linux | Linux | affected 5.3unaffected 0 - < 5.3unaffected 5.4.200 - <= 5.4.*unaffected 5.10.124 - <= 5.10.*unaffected 5.15.49 - <= 5.15.*+2 more versions |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now