NVD - CVE-2022-49355

Vulnerability Change Records for CVE-2022-49355

Change History

New CVE Received from kernel.org 2/26/2025 2:01:12 AM

Action	Type	Old Value	New Value
Added	Description		In the Linux kernel, the following vulnerability has been resolved: xen: unexport __init-annotated xen_xlate_map_ballooned_pages() EXPORT_SYMBOL and __init is a bad combination because the .init.text section is freed up after the initialization. Hence, modules cannot use symbols annotated __init. The access to a freed symbol may end up with kernel panic. modpost used to detect it, but it has been broken for a decade. Recently, I fixed modpost so it started to warn it again, then this showed up in linux-next builds. There are two ways to fix it: - Remove __init - Remove EXPORT_SYMBOL I chose the latter for this case because none of the in-tree call-sites (arch/arm/xen/enlighten.c, arch/x86/xen/grant-table.c) is compiled as modular.
Added	Reference		https://git.kernel.org/stable/c/0ddb4334f4136cd5c84885032894663a4d57928d
Added	Reference		https://git.kernel.org/stable/c/29a9935a90dd32b89d04e249e0a948cb4949e7af
Added	Reference		https://git.kernel.org/stable/c/40e6078fcf186b4f452abcbffcb004e28d750395
Added	Reference		https://git.kernel.org/stable/c/b43387364d8291190fd4ea1322b65c337802baa2
Added	Reference		https://git.kernel.org/stable/c/b49c884146e20314808c9420640b26876ff55c80
Added	Reference		https://git.kernel.org/stable/c/be9581f4fda795aa0e18cdc333efc1e447e1a55c
Added	Reference		https://git.kernel.org/stable/c/c0d076419136a7528abc1831847099400f61d60f
Added	Reference		https://git.kernel.org/stable/c/dbac14a5a05ff8e1ce7c0da0e1f520ce39ec62ea
Added	Reference		https://git.kernel.org/stable/c/f319c9b45b351019349cc779ce6721ebc211245c