CVE-2022-49258
Published: 26 February 2025
Summary
CVE-2022-49258 is a high-severity Use After Free (CWE-416) vulnerability in Linux Linux Kernel. Its CVSS base score is 7.8 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068); ranked at the 7.2th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SI-2 (Flaw Remediation) and RA-5 (Vulnerability Monitoring and Scanning).
Deeper analysis
CVE-2022-49258 is a use-after-free vulnerability in the Linux kernel's crypto/ccree driver, specifically within the cc_cipher_exit() function. The flaw arises when kfree_sensitive(ctx_p->user.key) frees the ctx_p->user.key memory, but the subsequent dev_dbg() call still references it, resulting in a use-after-free condition classified under CWE-416.
A local attacker with low privileges can exploit this vulnerability with low attack complexity and no user interaction required. Successful exploitation leads to high impacts on confidentiality, integrity, and availability, as indicated by the CVSS 3.1 score of 7.8 (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).
Mitigation is provided through patches in Linux kernel stable branches, including commits at https://git.kernel.org/stable/c/25c358efee5153dfd240d4e0d3169d5bebe9cacd, https://git.kernel.org/stable/c/335bf1fc74f775a8255257aa3e33763f2257b676, https://git.kernel.org/stable/c/3d950c34074ed74d2713c3856ba01264523289e6, https://git.kernel.org/stable/c/c93017c8d5ebf55a4e453ac7c84cc84cf92ab570, and https://git.kernel.org/stable/c/cffb5382bd8d3cf21b874ab5b84bf7618932286b. Security practitioners should update affected systems to kernel versions incorporating these fixes.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2022-54968
Vulnerability details
In the Linux kernel, the following vulnerability has been resolved: crypto: ccree - Fix use after free in cc_cipher_exit() kfree_sensitive(ctx_p->user.key) will free the ctx_p->user.key. But ctx_p->user.key is still used in the next line, which will lead to a use after…
more
free. We can call kfree_sensitive() after dev_dbg() to avoid the uaf.
- CWE(s)
Related Threats
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Local kernel use-after-free enables privilege escalation from low-privileged user context.
CVEs Like This One
Affected Assets
Mitigating Controls
Mitigating Controls (NIST 800-53 r5) AI
Directly requires identification, reporting, and correction of flaws like the use-after-free in cc_cipher_exit() through timely patching of the Linux kernel.
Enforces memory protections such as address space layout randomization and non-executable memory to mitigate exploitation of the kernel use-after-free vulnerability.
Conducts vulnerability scanning to identify and prioritize remediation of specific kernel flaws like CVE-2022-49258.