CVE - CVE-2022-49675

CVE-ID
CVE-2022-49675	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
In the Linux kernel, the following vulnerability has been resolved: tick/nohz: unexport __init-annotated tick_nohz_full_setup() EXPORT_SYMBOL and __init is a bad combination because the .init.text section is freed up after the initialization. Hence, modules cannot use symbols annotated __init. The access to a freed symbol may end up with kernel panic. modpost used to detect it, but it had been broken for a decade. Commit 28438794aba4 ("modpost: fix section mismatch check for exported init/exit sections") fixed it so modpost started to warn it again, then this showed up: MODPOST vmlinux.symvers WARNING: modpost: vmlinux.o(___ksymtab_gpl+tick_nohz_full_setup+0x0): Section mismatch in reference from the variable __ksymtab_tick_nohz_full_setup to the function .init.text:tick_nohz_full_setup() The symbol tick_nohz_full_setup is exported and annotated __init Fix this by removing the __init annotation of tick_nohz_full_setup or drop the export. Drop the export because tick_nohz_full_setup() is only called from the built-in code in kernel/sched/isolation.c.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
MISC:https://git.kernel.org/stable/c/2390095113e98fc52fffe35c5206d30d9efe3f78 URL:https://git.kernel.org/stable/c/2390095113e98fc52fffe35c5206d30d9efe3f78 MISC:https://git.kernel.org/stable/c/c4ff3ffe0138234774602152fe67e3a898c615c6 URL:https://git.kernel.org/stable/c/c4ff3ffe0138234774602152fe67e3a898c615c6 MISC:https://git.kernel.org/stable/c/ea32b27e2f8c58c92bff5ecba7fcf64b97707089 URL:https://git.kernel.org/stable/c/ea32b27e2f8c58c92bff5ecba7fcf64b97707089 MISC:https://git.kernel.org/stable/c/f4a80ec8c51d68be4b7a7830c510f75080c5e417 URL:https://git.kernel.org/stable/c/f4a80ec8c51d68be4b7a7830c510f75080c5e417
Assigning CNA
kernel.org
Date Record Created
20250226	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20250226)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)