CVE-2022-49180

LSM: general protection fault in legacy_parse_param

Description

In the Linux kernel, the following vulnerability has been resolved: LSM: general protection fault in legacy_parse_param The usual LSM hook "bail on fail" scheme doesn't work for cases where a security module may return an error code indicating that it does not recognize an input. In this particular case Smack sees a mount option that it recognizes, and returns 0. A call to a BPF hook follows, which returns -ENOPARAM, which confuses the caller because Smack has processed its data. The SELinux hook incorrectly returns 1 on success. There was a time when this was correct, however the current expectation is that it return 0 on success. This is repaired.

INFO

Published Date :

2025-02-26T01:55:32.590Z

Last Modified :

2025-12-23T13:22:40.491Z

Source :

Linux

AFFECTED PRODUCTS

The following products are affected by CVE-2022-49180 vulnerability.

Vendors	Products
Linux	Linux Kernel
Redhat	Enterprise Linux

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2022-49180.

URL	Resource
https://git.kernel.org/stable/c/00fc07fa0b4a004711b6e1a944f0d2e46f7093b7
https://git.kernel.org/stable/c/2784604c8c6fc523248f8f80a421c313a9d790b7
https://git.kernel.org/stable/c/cadae7c5e477aaafcba819b8e4a3d1c1a1503b62
https://git.kernel.org/stable/c/ddcdda888e14ca451b3ee83d11b65b2a9c8e783b
https://git.kernel.org/stable/c/ecff30575b5ad0eda149aadad247b7f75411fd47
https://git.kernel.org/stable/c/f3f93a1aaafc3032e0a9655fb43deccfb3e953a3
https://lore.kernel.org/linux-cve-announce/2025022614-CVE-2022-49180-ac1e@gregkh/T
https://nvd.nist.gov/vuln/detail/CVE-2022-49180
https://www.cve.org/CVERecord?id=CVE-2022-49180

CVSS Vulnerability Scoring System

V3.1

Detailed values of each vector for above chart.

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality Impact

Integrity Impact

Availability Impact