SB20250502132 - Use-after-free in Linux kernel crypto

Published: May 2, 2025
Updated: May 10, 2025

Security Bulletin ID: SB20250502132
Severity: Low
Patch available: YES
Number of vulnerabilities: 1
Exploitation vector: Local access
Highest impact: Code execution

Breakdown by Severity

Low: 100%

Description

This security bulletin contains information about 1 security vulnerability.


1) Use-after-free (CVE-ID: CVE-2022-49899)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error in the following functions:

  • fs/super.c: __put_super() and generic_shutdown_super()
  • fs/crypto/policy.c: fscrypt_set_context()
  • fs/crypto/keysetup.c: fscrypt_destroy_prepared_key(), fscrypt_valid_master_key_size(), setup_file_encryption_key(), put_crypt_info(), fscrypt_setup_encryption_info(), EXPORT_SYMBOL() and fscrypt_drop_inode()
  • fs/crypto/keyring.c: move_master_key_secret(), valid_key_spec(), search_fscrypt_keyring(), format_mk_user_description(), allocate_filesystem_keyring(), fscrypt_find_master_key(), allocate_master_key_users_keyring(), add_master_key_user(), remove_master_key_user(), add_existing_master_key(), do_add_master_key(), fscrypt_verify_key_added(), do_remove_key(), fscrypt_ioctl_get_key_status() and fscrypt_init_keyring()
  • fs/crypto/hooks.c: fscrypt_prepare_setflags()

A local user can escalate privileges on the system.


Remediation

Install the update from the vendor's website.