CVE-2022-49047
Published: 26 February 2025
Description
In the Linux kernel, the following vulnerability has been resolved: ep93xx: clock: Fix UAF in ep93xx_clk_register_gate() arch/arm/mach-ep93xx/clock.c:154:2: warning: Use of memory after it is freed [clang-analyzer-unix.Malloc] arch/arm/mach-ep93xx/clock.c:151:2: note: Taking true branch if (IS_ERR(clk)) ^ arch/arm/mach-ep93xx/clock.c:152:3: note: Memory is released kfree(psc); ^~~~~~~~~~ arch/arm/mach-ep93xx/clock.c:154:2: note: Use of memory after it is freed return &psc->hw; ^ ~~~~~~~~
Security Summary
CVE-2022-49047 is a Use After Free (UAF) vulnerability in the Linux kernel's ep93xx clock subsystem. The flaw occurs in the ep93xx_clk_register_gate() function within arch/arm/mach-ep93xx/clock.c, where memory for a clock gate structure (psc) is freed on error (via kfree(psc)) but then dereferenced afterward (return &psc->hw), as detected by the Clang static analyzer. It affects the Linux kernel on ep93xx ARM architecture platforms and is classified under CWE-416 with a CVSS v3.1 base score of 7.8 (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).
A local attacker with low privileges can exploit this vulnerability due to its low attack complexity and lack of user interaction requirements. Successful exploitation could grant high impacts on confidentiality, integrity, and availability, potentially enabling arbitrary kernel code execution, data corruption, or system crashes through manipulation of the freed memory in the clock registration process.
Mitigation is provided through kernel patches in stable trees, including commits 0f12166872da46c6b57ba2f1314bbf310b3bf017 and 3b68b08885217abd9c57ff9b3bb3eb173eee02a9 available at git.kernel.org. Systems running affected ep93xx kernel versions should apply these updates to prevent UAF exploitation.
Details
- CWE(s)