Cyber Resilience

CVE-2022-49455

Severity: High
Published: 26 February 2025
Modified: 01 October 2025
CVSS Score v3.1: 7.8 (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
EPSS Score: 0.0002 (5.2th percentile)
Risk Priority: 16 (60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2022-49455 is a high-severity Double Free (CWE-415) vulnerability in the Linux kernel. Its CVSS base score is 7.8 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068). The CVE ranks at the 5.2th percentile by exploit likelihood (below the median) and is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-2 (Flaw Remediation) and RA-5 (Vulnerability Monitoring and Scanning).

Deeper analysis

CVE-2022-49455 is a double free vulnerability (CWE-415) in the Linux kernel's misc: ocxl component, specifically within the ocxl_file_register_afu function. The issue occurs because info_release() is automatically invoked during device_unregister() when the info->dev reference count reaches zero, rendering subsequent calls to ocxl_afu_put() and kfree() redundant and potentially causing a double free.

The vulnerability carries a CVSS v3.1 base score of 7.8 (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H), indicating it requires local access, low attack complexity, and low privileges with no user interaction. A successful local attacker could leverage the double free to achieve high impacts on confidentiality, integrity, and availability, potentially leading to memory corruption or kernel instability.

Kernel stable patches resolve the issue by adding a free_minor() call and an early return in the err_unregister error path, as detailed in the following commits: https://git.kernel.org/stable/c/252768d32e92c1214aeebb5fec0844ca479bcf5c, https://git.kernel.org/stable/c/8fb674216835e1f0c143762696d645facebb4685, https://git.kernel.org/stable/c/950cf957fe34d40d63dfa3bf3968210430b6491e, https://git.kernel.org/stable/c/9e9087cf34ee69f4e95d146ac29385d6e367a97b, and https://git.kernel.org/stable/c/de65c32ace9aa70d51facc61ba986607075e3a25. Security practitioners should ensure affected Linux kernel versions are updated with these fixes.
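The release-callback ownership problem and the fix described above, as an added userspace model (not the kernel's code, and not taken from the linked commits). The function names follow the advisory text; the `ledger` counters, `register_afu_fail()` and the exact statement order are assumptions made for illustration, and frees are counted rather than executed.

```c
#include <stdio.h>

/* Userspace model: frees are counted, never executed, so it runs safely. */
struct ledger { int afu_puts, info_frees, minor_frees; };

struct file_info {
    int dev_refs;        /* models info->dev's reference count */
    struct ledger *log;
};

/* Models info_release(): the release callback owns the final cleanup. */
static void info_release(struct file_info *info)
{
    info->log->afu_puts++;    /* ocxl_afu_put() */
    info->log->info_frees++;  /* kfree(info) */
}

/* Models device_unregister(): drops the reference; release runs at zero. */
static void device_unregister(struct file_info *info)
{
    if (--info->dev_refs == 0)
        info_release(info);
}

/* Error path of a failed registration, entered at err_unregister. */
static struct ledger register_afu_fail(int patched)
{
    struct ledger log = {0, 0, 0};
    struct file_info info = {1, &log};

    if (patched) {
        log.minor_frees++;        /* free_minor(), while info is still valid */
        device_unregister(&info); /* release callback does the rest */
        return log;               /* early return: skip the older labels */
    }
    device_unregister(&info);     /* release callback already cleaned up */
    log.afu_puts++;               /* redundant ocxl_afu_put() */
    log.minor_frees++;            /* free_minor() */
    log.info_frees++;             /* redundant kfree(info): the double free */
    return log;
}

int main(void)
{
    struct ledger before = register_afu_fail(0), after = register_afu_fail(1);
    printf("unpatched: kfree x%d, afu_put x%d\n", before.info_frees, before.afu_puts);
    printf("patched:   kfree x%d, afu_put x%d\n", after.info_frees, after.afu_puts);
    return 0;
}
```

A count above one for the same object in the unpatched path is the condition CWE-415 describes; the patched path leaves each cleanup step with exactly one owner.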

EU & UK References

Vulnerability details

In the Linux kernel, the following vulnerability has been resolved:

misc: ocxl: fix possible double free in ocxl_file_register_afu

info_release() will be called in device_unregister() when info->dev's reference count is 0. So there is no need to call ocxl_afu_put() and kfree() again.

Fix this by adding free_minor() and return to err_unregister error path.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise Techniques (AI)

T1068 Exploitation for Privilege Escalation (tactic: Privilege Escalation)
Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.
Why these techniques?

Double-free in kernel driver enables local memory corruption for privilege escalation (AV:L, high C/I/A impact).

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

CVEs Like This One

CVE-2026-23387 (same product: Linux kernel)
CVE-2024-57980 (same product: Linux kernel)
CVE-2026-31489 (same product: Linux kernel)
CVE-2022-49391 (same product: Linux kernel)
CVE-2022-49290 (same product: Linux kernel)
CVE-2026-23162 (same product: Linux kernel)
CVE-2026-23068 (same product: Linux kernel)
CVE-2022-49384 (same product: Linux kernel)
CVE-2026-31475 (same product: Linux kernel)
CVE-2022-49530 (same product: Linux kernel)

Affected Assets

linux
linux kernel
5.2 — 5.4.198 · 5.5 — 5.10.121 · 5.11 — 5.15.46

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) (AI)

prevent

Directly remediates the double free vulnerability in the Linux kernel's ocxl_file_register_afu by applying the specified stable patches to eliminate the flaw.

detect

Identifies systems running vulnerable Linux kernel versions affected by CVE-2022-49455 through vulnerability scanning, enabling timely remediation.

prevent

Mitigates potential exploitation of the double free via kernel memory protections such as ASLR and DEP, reducing impacts on confidentiality, integrity, and availability.

References