CVE-2022-49100

low-risk

Published 2025-02-26

In the Linux kernel, the following vulnerability has been resolved: virtio_console: eliminate anonymous module_init & module_exit Eliminate anonymous module_init() and module_exit(), which can lead to confusion or ambiguity when reading System.map, crashes/oops/bugs, or an initcall_debug log. Give each of these init and exit functions unique driver-specific names to eliminate the anonymous names. Example 1: (System.map) ffffffff832fc78c t init ffffffff832fc79e t init ffffffff832fc8f8 t init Example 2: (initcall_debug log) calling init+0x0/0x12 @ 1 initcall init+0x0/0x12 returned 0 after 15 usecs calling init+0x0/0x60 @ 1 initcall init+0x0/0x60 returned 0 after 2 usecs calling init+0x0/0x9a @ 1 initcall init+0x0/0x9a returned 0 after 74 usecs

Do I need to act?

0.01% chance of exploitation

EPSS score — low exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 5.5/10 Medium

LOCAL / LOW complexity

Affected Products (1)

Linux Kernel

Affected Vendors

Linux

References (9)

Patch https://git.kernel.org/stable/c/0f3d824bd70a1303464d5e93ee3e7afe7832fe89

Patch https://git.kernel.org/stable/c/3504b0a177208eda85bf472bbf7c9aa77d2b8343

Patch https://git.kernel.org/stable/c/3fd5dee7404ce40c79cba468bb2510115639d975

Patch https://git.kernel.org/stable/c/44c2d5fbe7b2bd1f8cb114d608a591a73a5d4ae6

Patch https://git.kernel.org/stable/c/71612aee09ecea3475f8751dc841d75a011b1fd0

Patch https://git.kernel.org/stable/c/7deaddb704713608e0ae559e27185581b9af71a0

Patch https://git.kernel.org/stable/c/93e3d88321d2274fa4e26b006e19cc10fec331c2

Patch https://git.kernel.org/stable/c/c69b442125bf009fce26e15aa5616caf8a3673c3

Patch https://git.kernel.org/stable/c/fefb8a2a941338d871e2d83fbd65fbfa068857bd

/ 100

low-risk

Severity 18/34 · Moderate

Exploitability 0/34 · Minimal

Exposure 5/34 · Minimal