{"id":"CVE-2022-49390","summary":"macsec: fix UAF bug for real_dev","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nmacsec: fix UAF bug for real_dev\n\nCreate a new macsec device but not get reference to real_dev. That can\nnot ensure that real_dev is freed after macsec. That will trigger the\nUAF bug for real_dev as following:\n\n==================================================================\nBUG: KASAN: use-after-free in macsec_get_iflink+0x5f/0x70 drivers/net/macsec.c:3662\nCall Trace:\n ...\n macsec_get_iflink+0x5f/0x70 drivers/net/macsec.c:3662\n dev_get_iflink+0x73/0xe0 net/core/dev.c:637\n default_operstate net/core/link_watch.c:42 [inline]\n rfc2863_policy+0x233/0x2d0 net/core/link_watch.c:54\n linkwatch_do_dev+0x2a/0x150 net/core/link_watch.c:161\n\nAllocated by task 22209:\n ...\n alloc_netdev_mqs+0x98/0x1100 net/core/dev.c:10549\n rtnl_create_link+0x9d7/0xc00 net/core/rtnetlink.c:3235\n veth_newlink+0x20e/0xa90 drivers/net/veth.c:1748\n\nFreed by task 8:\n ...\n kfree+0xd6/0x4d0 mm/slub.c:4552\n kvfree+0x42/0x50 mm/util.c:615\n device_release+0x9f/0x240 drivers/base/core.c:2229\n kobject_cleanup lib/kobject.c:673 [inline]\n kobject_release lib/kobject.c:704 [inline]\n kref_put include/linux/kref.h:65 [inline]\n kobject_put+0x1c8/0x540 lib/kobject.c:721\n netdev_run_todo+0x72e/0x10b0 net/core/dev.c:10327\n\nAfter commit faab39f63c1f (\"net: allow out-of-order netdev unregistration\")\nand commit e5f80fcf869a (\"ipv6: give an IPv6 dev to blackhole_netdev\"), we\ncan add dev_hold_track() in macsec_dev_init() and dev_put_track() in\nmacsec_free_netdev() to fix the problem.","modified":"2026-05-18T05:55:50.288165682Z","published":"2025-02-26T02:11:23.327Z","related":["SUSE-SU-2025:01600-1","SUSE-SU-2025:1176-1","SUSE-SU-2025:1241-1"],"database_specific":{"cna_assigner":"Linux","osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/49xxx/CVE-2022-49390.json"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/196a888ca6571deb344468e1d7138e3273206335"},{"type":"WEB","url":"https://git.kernel.org/stable/c/78933cbc143b82d02330e00900d2fd08f2682f4e"},{"type":"WEB","url":"https://git.kernel.org/stable/c/d130282179aa6051449ac8f8df1115769998a665"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/49xxx/CVE-2022-49390.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-49390"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"2bce1ebed17da54c65042ec2b962e3234bad5b47"},{"fixed":"78933cbc143b82d02330e00900d2fd08f2682f4e"},{"fixed":"d130282179aa6051449ac8f8df1115769998a665"},{"fixed":"196a888ca6571deb344468e1d7138e3273206335"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"0"},{"last_affected":"1861904a6092ed411203c6a02c75bfc45b27cc3c"},{"last_affected":"3a2675a2d97a68332fa5c33043038bfeb31455a8"},{"last_affected":"b0add6db3d5ec4561cab257358871a9d3df7f0a3"}]}],"versions":["v5.3","v5.3.10","v4.19.83","v4.14.153","v5.3.9","v4.19.82","v4.14.152","v5.3.8","v4.19.81","v4.14.151","v5.3.7","v4.19.80","v4.14.150","v5.3.6","v4.19.79","v4.14.149","v5.3.5","v4.19.78","v4.14.148","v5.3.4","v4.19.77","v4.14.147","v5.3.3","v4.19.76","v4.14.146","v4.19.75","v5.3.2","v5.3.1","v5.3-rc5","v5.3-rc1","v4.19.74","v4.14.145","v5.3-rc2","v4.19.73","v4.14.144","v5.3-rc3","v5.3-rc8","v4.19.72","v4.14.143","v5.3-rc7","v5.3-rc4","v4.19.71","v4.14.142","v4.19.70","v4.19.69","v4.14.141","v5.2","v5.3-rc6","v4.19.68","v4.14.140","v4.14.139","v4.19.67","v4.14.138","v4.19.66","v4.14.137","v4.19.65","v4.19.64","v4.14.136","v4.14.135","v4.19.63","v4.14.134","v4.19.62","v4.19.61","v4.19.60","v5.2-rc2","v4.14.133","v4.19.59","v5.2-rc7","v5.2-rc4","v4.19.58","v5.2-rc1","v4.14.132","v4.19.57","v5.2-rc5","v5.2-rc6","v4.14.131","v4.19.56","v5.2-rc3","v4.14.130","v4.14.129","v4.19.55","v5.1","v4.19.54","v4.14.128","v4.19.53","v4.14.127","v4.19.52","v4.14.126","v4.19.51","v4.14.125","v4.19.50","v4.14.124","v4.19.49","v4.14.123","v4.19.48","v4.19.47","v4.14.122","v4.19.46","v4.14.121","v4.19.45","v4.19.44","v4.14.120","v4.14.119","v4.19.43","v5.0-rc8","v4.14.118","v4.19.42","v5.1-rc7","v5.1-rc1","v4.19.41","v4.14.117","v5.1-rc6","v4.19.40","v4.14.116","v5.1-rc5","v4.19.39","v4.19.38","v4.14.115","v5.0","v4.19.37","v4.14.114","v5.1-rc3","v4.19.36","v4.14.113","v5.1-rc2","v4.19.35","v4.14.112","v5.1-rc4","v4.19.34","v4.14.111","v5.0-rc1","v4.19.33","v4.14.110","v4.19.32","v4.14.109","v4.19.31","v4.14.108","v4.19.30","v4.14.107","v4.14.106","v4.19.29","v4.14.105","v4.19.28","v4.19.27","v4.19.26","v4.14.104","v5.0-rc4","v5.0-rc3","v5.0-rc6","v4.19.25","v4.14.103","v5.0-rc7","v4.19.24","v4.14.102","v5.0-rc2","v4.19.23","v4.14.101","v5.0-rc5","v4.19.22","v4.14.100","v4.19.21","v4.14.99","v4.19.20","v4.14.98","v4.14.97","v4.19.19","v4.19.18","v4.14.96","v4.14.95","v4.19.17","v4.20-rc1","v4.14.94","v4.19.16","v4.19","v4.14.93","v4.19.15","v4.20","v4.14.92","v4.19.14","v4.19.13","v4.14.91","v4.20-rc7","v4.20-rc5","v4.14.90","v4.19.12","v4.20-rc6","v4.19.11","v4.14.89","v4.19.10","v4.20-rc4","v4.20-rc2","v4.14.88","v4.19.9","v4.14.87","v4.19.8","v4.20-rc3","v4.14.86","v4.19.7","v4.14.85","v4.19.6","v4.14.84","v4.19.5","v4.19.4","v4.14.83","v4.14.82","v4.19.3","v4.14.81","v4.19.2","v4.14.80","v4.19.1","v4.14.79","v4.14.78","v4.19-rc2","v4.19-rc8","v4.19-rc4","v4.14.77","v4.19-rc1","v4.14.76","v4.19-rc7","v4.14.75","v4.14.74","v4.19-rc6","v4.19-rc5","v4.14.73","v4.19-rc3","v4.14.72","v4.14.71","v4.14.70","v4.14.69","v4.14.68","v4.14.67","v4.14.66","v4.18","v4.14.65","v4.14.64","v4.14.63","v4.18-rc1","v4.14.62","v4.18-rc8","v4.18-rc2","v4.18-rc5","v4.14.61","v4.18-rc6","v4.14.60","v4.18-rc7","v4.14.59","v4.17","v4.14.58","v4.18-rc3","v4.14.57","v4.14.56","v4.18-rc4","v4.14.55","v4.14.54","v4.14.53","v4.14.52","v4.14.51","v4.14.50","v4.14.49","v4.14.48","v4.17-rc1","v4.14.47","v4.17-rc2","v4.17-rc7","v4.17-rc3","v4.17-rc4","v4.16","v4.14.46","v4.14.45","v4.17-rc6","v4.14.44","v4.17-rc5","v4.14.43","v4.14.42","v4.14.41","v4.14.40","v4.14.39","v4.14.38","v4.14.37","v4.14.36","v4.14.35","v4.14.34","v4.14.33","v4.16-rc7","v4.16-rc4","v4.14.32","v4.16-rc1","v4.16-rc2","v4.16-rc5","v4.14.31","v4.14.30","v4.16-rc3","v4.16-rc6","v4.14.29","v4.14.28","v4.14.27","v4.14.26","v4.14.25","v4.14.24","v4.14","v4.14.23","v4.15","v4.14.22","v4.14.21","v4.14.20","v4.14.19","v4.14.18","v4.14.17","v4.15-rc1","v4.14.16","v4.15-rc4","v4.14.15","v4.15-rc9","v4.14.14","v4.15-rc8","v4.15-rc7","v4.14.13","v4.15-rc3","v4.15-rc2","v4.15-rc5","v4.15-rc6","v4.14.12","v4.14.11","v4.14.10","v4.14.9","v4.14.8","v4.14.7","v4.14.6","v4.14.5","v4.14.4","v4.14.3","v4.14.2","v4.14-rc1","v4.14.1","v4.14-rc7","v4.14-rc3","v4.13","v4.14-rc8","v4.14-rc4","v4.14-rc6","v4.14-rc2","v4.14-rc5","v4.13-rc2","v4.13-rc1","v4.13-rc3","v4.13-rc7","v4.13-rc4","v4.13-rc5","v4.13-rc6","v4.12-rc1","v4.12","v4.12-rc5","v4.12-rc7","v4.12-rc6","v4.12-rc4","v4.12-rc2","v4.12-rc3","v4.11","v4.11-rc1","v4.11-rc6","v4.11-rc8","v4.11-rc7","v4.11-rc3","v4.11-rc5","v4.11-rc2","v4.11-rc4","v4.10","v4.9","v4.10-rc8","v4.10-rc3","v4.10-rc1","v4.10-rc7","v4.10-rc6","v4.10-rc2","v4.10-rc5","v4.10-rc4","v4.9-rc7","v4.9-rc6","v4.9-rc8","v4.9-rc1","v4.9-rc5","v4.9-rc3","v4.9-rc4","v4.9-rc2","v4.8","v4.8-rc8","v4.8-rc2","v4.8-rc1","v4.8-rc7","v4.8-rc6","v4.8-rc5","v4.8-rc4","v4.8-rc3","v4.7","v4.7-rc4","v4.7-rc2","v4.7-rc1","v4.7-rc7","v4.7-rc6","v4.7-rc3","v4.7-rc5","v4.6","v4.6-rc1","v4.6-rc6","v4.6-rc4","v4.6-rc7","v4.6-rc5","v4.5-rc4","v4.6-rc2","v4.6-rc3","v4.5","v4.4","v4.5-rc1","v4.5-rc6","v4.5-rc2","v4.5-rc7","v4.5-rc5","v4.5-rc3","v4.4-rc1","v4.4-rc2","v4.4-rc8","v4.4-rc3","v4.4-rc7","v4.4-rc5","v4.4-rc6","v4.4-rc4","v4.3","v4.3-rc1","v4.3-rc6","v4.3-rc4","v4.3-rc2","v4.3-rc7","v4.3-rc5","v4.3-rc3","v4.2","v4.2-rc2","v4.2-rc1","v4.2-rc8","v4.2-rc4","v4.2-rc6","v4.2-rc7","v4.0-rc5","v4.2-rc5","v4.2-rc3","v4.1-rc2","v4.1","v4.1-rc1","v4.1-rc8","v4.1-rc7","v4.1-rc6","v4.1-rc3","v4.1-rc4","v4.0","v4.1-rc5","v4.0-rc1","v4.0-rc2","v4.0-rc7","v4.0-rc3","v4.0-rc6","v4.0-rc4","v3.19","v3.19-rc7","v3.19-rc5","v3.19-rc1","v3.19-rc6","v3.19-rc4","v3.18-rc1","v3.19-rc3","v3.19-rc2","v3.18","v3.18-rc7","v3.18-rc6","v3.18-rc2","v3.18-rc3","v3.18-rc4","v3.18-rc5","v3.17","v3.17-rc1","v3.17-rc7","v3.17-rc2","v3.17-rc4","v3.16","v3.17-rc5","v3.17-rc6","v3.17-rc3","v3.16-rc7","v3.16-rc1","v3.16-rc3","v3.16-rc5","v3.16-rc6","v3.16-rc2","v3.16-rc4","v3.13","v3.15","v3.15-rc5","v3.15-rc8","v3.15-rc1","v3.15-rc6","v3.15-rc3","v3.15-rc7","v3.15-rc2","v3.15-rc4","v3.14","v3.14-rc4","v3.14-rc8","v3.14-rc7","v3.14-rc6","v3.14-rc1","v3.14-rc2","v3.14-rc5","v3.14-rc3","v3.13-rc6","v3.13-rc8","v3.12","v3.13-rc7","v3.13-rc1","v3.13-rc4","v3.13-rc3","v3.13-rc5","v3.13-rc2","v3.12-rc7","v3.12-rc3","v3.12-rc6","v3.12-rc1","v3.12-rc5","v3.11","v3.12-rc2","v3.12-rc4","v3.11-rc7","v3.11-rc2","v3.11-rc5","v3.11-rc1","v3.11-rc3","v3.11-rc4","v3.11-rc6","v3.10-rc2","v3.10","v3.10-rc7","v3.10-rc6","v3.10-rc1","v3.10-rc5","v3.10-rc3","v3.10-rc4","v3.9","v3.9-rc2","v3.9-rc7","v3.9-rc8","v3.9-rc3","v3.9-rc6","v3.9-rc5","v3.9-rc4","v3.9-rc1","v3.8","v3.8-rc7","v3.8-rc6","v3.8-rc5","v3.8-rc2","v3.8-rc1","v3.8-rc3","v3.8-rc4","v3.7","v3.7-rc1","v3.6","v3.7-rc6","v3.7-rc7","v3.7-rc3","v3.7-rc8","v3.7-rc2","v3.7-rc4","v3.7-rc5","v3.6-rc7","v3.6-rc1","v3.5-rc3","v3.6-rc6","v3.6-rc5","v3.5","v3.6-rc3","v3.6-rc4","v3.6-rc2","v3.4-rc4","v3.5-rc7","v3.5-rc5","v3.5-rc6","v3.5-rc2","v3.5-rc1","v3.5-rc4","v3.4","v3.4-rc2","v3.4-rc1","v3.4-rc7","v3.4-rc6","v3.4-rc3","v3.4-rc5","v3.3","v3.3-rc6","v3.3-rc3","v3.3-rc7","v3.3-rc2","v3.3-rc5","v3.2","v3.3-rc4","v3.3-rc1","v3.2-rc4","v3.2-rc7","v3.2-rc6","v3.2-rc5","v3.2-rc3","v3.1","v3.2-rc2","v3.2-rc1","v3.1-rc1","v3.1-rc9","v3.1-rc8","v3.1-rc10","v3.1-rc7","v3.1-rc3","v3.1-rc2","v3.1-rc4","v3.1-rc5","v3.0","v3.1-rc6","v3.0-rc7","v3.0-rc4","v3.0-rc6","v3.0-rc5","v3.0-rc3","v3.0-rc1","v2.6.39","v3.0-rc2","v2.6.38","v2.6.39-rc2","v2.6.39-rc7","v2.6.39-rc5","v2.6.39-rc1","v2.6.38-rc7","v2.6.39-rc6","v2.6.39-rc4","v2.6.39-rc3","v2.6.37","v2.6.38-rc1","v2.6.38-rc8","v2.6.38-rc2","v2.6.38-rc6","v2.6.38-rc5","v2.6.38-rc4","v2.6.38-rc3","v2.6.37-rc4","v2.6.37-rc2","v2.6.36","v2.6.37-rc5","v2.6.37-rc8","v2.6.37-rc7","v2.6.37-rc6","v2.6.37-rc1","v2.6.37-rc3","v2.6.36-rc6","v2.6.35-rc4","v2.6.36-rc8","v2.6.35","v2.6.36-rc7","v2.6.36-rc3","v2.6.36-rc5","v2.6.36-rc4","v2.6.36-rc2","v2.6.36-rc1","v2.6.35-rc5","v2.6.35-rc6","v2.6.34","v2.6.35-rc3","v2.6.35-rc1","v2.6.35-rc2","v2.6.34-rc7","v2.6.34-rc6","v2.6.34-rc5","v2.6.34-rc4","v2.6.34-rc3","v2.6.34-rc2","v2.6.34-rc1","v2.6.33","v2.6.33-rc6","v2.6.33-rc8","v2.6.33-rc4","v2.6.33-rc5","v2.6.33-rc3","v2.6.33-rc7","v2.6.33-rc2","v2.6.32","v2.6.33-rc1","v2.6.32-rc8","v2.6.32-rc7","v2.6.32-rc6","v2.6.31","v2.6.32-rc5","v2.6.32-rc4","v2.6.32-rc2","v2.6.32-rc1","v2.6.32-rc3","v2.6.31-rc9","v2.6.31-rc1","v2.6.31-rc7","v2.6.31-rc8","v2.6.31-rc6","v2.6.30-rc6","v2.6.30","v2.6.31-rc4","v2.6.31-rc5","v2.6.31-rc3","v2.6.31-rc2","v2.6.30-rc7","v2.6.30-rc8","v2.6.30-rc5","v2.6.30-rc3","v2.6.30-rc4","v2.6.30-rc1","v2.6.30-rc2","v2.6.29","v2.6.29-rc8","v2.6.29-rc7","v2.6.29-rc5","v2.6.29-rc1","v2.6.29-rc6","v2.6.29-rc4","v2.6.29-rc3","v2.6.29-rc2","v2.6.28","v2.6.28-rc7","v2.6.28-rc9","v2.6.28-rc8","v2.6.28-rc6","v2.6.28-rc5","v2.6.28-rc4","v2.6.28-rc2","v2.6.28-rc3","v2.6.28-rc1","v2.6.27","v2.6.27-rc7","v2.6.27-rc9","v2.6.27-rc8","v2.6.27-rc5","v2.6.27-rc6","v2.6.27-rc4","v2.6.27-rc1","v2.6.27-rc3","v2.6.27-rc2","v2.6.26","v2.6.26-rc9","v2.6.26-rc8","v2.6.26-rc3","v2.6.26-rc7","v2.6.26-rc6","v2.6.26-rc5","v2.6.26-rc4","v2.6.26-rc2","v2.6.26-rc1","v2.6.25","v2.6.25-rc7","v2.6.25-rc9","v2.6.25-rc8","v2.6.25-rc6","v2.6.25-rc5","v2.6.25-rc3","v2.6.25-rc4","v2.6.24","v2.6.25-rc2","v2.6.25-rc1","v2.6.24-rc8","v2.6.24-rc7","v2.6.24-rc6","v2.6.24-rc5","v2.6.24-rc4","v2.6.24-rc3","v2.6.24-rc2","v2.6.24-rc1","v2.6.23","v2.6.23-rc9","v2.6.23-rc8","v2.6.23-rc5","v2.6.23-rc7","v2.6.23-rc6","v2.6.23-rc4","v2.6.23-rc3","v2.6.23-rc2","v2.6.23-rc1","v2.6.22","v2.6.22-rc7","v2.6.22-rc6","v2.6.22-rc5","v2.6.22-rc4","v2.6.22-rc3","v2.6.22-rc2","v2.6.22-rc1","v2.6.21","v2.6.21-rc7","v2.6.21-rc6","v2.6.21-rc5","v2.6.21-rc4","v2.6.21-rc3","v2.6.21-rc2","v2.6.21-rc1","v2.6.20-rc7","v2.6.20-rc6","v2.6.20-rc5","v2.6.20-rc4","v2.6.20-rc3","v2.6.20-rc1","v2.6.20-rc2","v2.6.19-rc2","v2.6.18","v2.6.19-rc1","v2.6.18-rc6","v2.6.18-rc5","v2.6.18-rc3","v2.6.18-rc2","v2.6.18-rc1","v2.6.17","v2.6.17-rc4","v2.6.17-rc6","v2.6.17-rc5","v2.6.17-rc3","v2.6.17-rc2","v2.6.17-rc1","v2.6.16","v2.6.16-rc6","v2.6.16-rc4","v2.6.16-rc5","v2.6.16-rc3","v2.6.16-rc2","v2.6.16-rc1","v2.6.15-rc7","v2.6.15-rc5","v2.6.15-rc4","v2.6.15-rc2","v2.6.15-rc1","v2.6.14-rc3","v2.6.14-rc2","v2.6.14-rc1","v2.6.13","v2.6.13-rc7","v2.6.13-rc6","v2.6.13-rc5","v2.6.13-rc3","v2.6.13-rc4","v2.6.13-rc2","v2.6.13-rc1","v2.6.12-rc4","v2.6.12-rc3","v2.6.12-rc2"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-49390.json"}},{"package":{"name":"Kernel","ecosystem":"Linux"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"5.4.0"},{"fixed":"5.17.15"}]},{"type":"ECOSYSTEM","events":[{"introduced":"5.18.0"},{"fixed":"5.18.3"}]}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-49390.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}]}