CVE-2022-28893

medium
Published 2022-11-15 · Modified 2022-11-11
CVSS v3
CVSS v2
VIR risk
5.5

Description

The SUNRPC subsystem in the Linux kernel through 5.17.2 can call xs_xprt_free before ensuring that sockets are in the intended state.

Predictions

Exploit likelihood
20%
Patch ETA

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

All entries below: vendor, authored 2026-05-27.

Vendor advisory: alma — https://errata.almalinux.org/9/ALSA-2022-8267.html
Vendor advisory: alma — https://errata.almalinux.org/8/ALSA-2022-7444.html
Vendor advisory: alma — https://access.redhat.com/errata/RHSA-2022:7444
Vendor advisory: alma — https://errata.almalinux.org/8/ALSA-2022-7683.html
Vendor advisory: alma — https://bugzilla.redhat.com/2120175
Vendor advisory: alma — https://bugzilla.redhat.com/2112693
Vendor advisory: alma — https://bugzilla.redhat.com/2096178
Vendor advisory: alma — https://bugzilla.redhat.com/2070220
Vendor advisory: alma — https://bugzilla.redhat.com/2069408
Vendor advisory: alma — https://bugzilla.redhat.com/2062284
Vendor advisory: alma — https://bugzilla.redhat.com/1946279
Vendor advisory: alma — https://access.redhat.com/errata/RHSA-2022:7683
Vendor advisory: debian — https://security-tracker.debian.org/tracker/CVE-2022-28893
Vendor advisory: rocky — https://errata.rockylinux.org/RLSA-2022:7444
Vendor advisory: suse — https://www.suse.com/security/cve/CVE-2022-28893.html
Vendor advisory: rocky — https://errata.rockylinux.org/RLSA-2022:7683
Vendor advisory: redhat — https://access.redhat.com/errata/RHSA-2022:8267
Vendor advisory: alma — https://errata.almalinux.org/9/ALSA-2022-7933.html
Vendor advisory: alma — https://bugzilla.redhat.com/2129152
Vendor advisory: alma — https://bugzilla.redhat.com/2123695
Vendor advisory: alma — https://bugzilla.redhat.com/2115278
Vendor advisory: alma — https://bugzilla.redhat.com/2115065
Vendor advisory: alma — https://bugzilla.redhat.com/2114878
Vendor advisory: alma — https://bugzilla.redhat.com/2103153
Vendor advisory: alma — https://bugzilla.redhat.com/2103148
Vendor advisory: alma — https://bugzilla.redhat.com/2090241
Vendor advisory: alma — https://bugzilla.redhat.com/2090240
Vendor advisory: alma — https://bugzilla.redhat.com/2090237
Vendor advisory: alma — https://bugzilla.redhat.com/2090226
Vendor advisory: alma — https://bugzilla.redhat.com/2089815
Vendor advisory: alma — https://bugzilla.redhat.com/2088021
Vendor advisory: alma — https://bugzilla.redhat.com/2084479
Vendor advisory: alma — https://bugzilla.redhat.com/2084183
Vendor advisory: alma — https://bugzilla.redhat.com/2084125
Vendor advisory: alma — https://bugzilla.redhat.com/2074208
Vendor advisory: alma — https://bugzilla.redhat.com/2073064
Vendor advisory: alma — https://bugzilla.redhat.com/2071022
Vendor advisory: alma — https://bugzilla.redhat.com/2070205
Vendor advisory: alma — https://bugzilla.redhat.com/2066819
Vendor advisory: alma — https://bugzilla.redhat.com/2066706
Vendor advisory: alma — https://bugzilla.redhat.com/2066614
Vendor advisory: alma — https://bugzilla.redhat.com/2059928
Vendor advisory: alma — https://bugzilla.redhat.com/2058395
Vendor advisory: alma — https://bugzilla.redhat.com/2053632
Vendor advisory: alma — https://bugzilla.redhat.com/2052312
Vendor advisory: alma — https://bugzilla.redhat.com/2051444
Vendor advisory: alma — https://bugzilla.redhat.com/2037386
Vendor advisory: alma — https://bugzilla.redhat.com/1980646
Vendor advisory: redhat — https://access.redhat.com/errata/RHSA-2022:7933

Mitigation details

Source: Red Hat Errata — Red Hat Inc. · Open-Errata-API

Description

kernel: use after free in SUNRPC subsystem

Red Hat statement

This flaw can be mitigated by preventing the affected SUNRPC driver (sunrpc) kernel module from loading during the boot time, ensuring the module is added to the blacklist file.

Refer: How do I blacklist a kernel module to prevent it from loading automatically? https://access.redhat.com/solutions/41278

CVSS v3: 6.6 (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H)
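
A check for the module-blocking mitigation in the Red Hat statement above, as an added example that is not part of the advisory or of any vendor tooling. It separates a plain `blacklist sunrpc` line from an `install sunrpc /bin/false` override, because `blacklist` only suppresses alias-based autoloading; the function names are hypothetical, and blocking sunrpc also disables NFS on the host.

```sh
#!/bin/sh
# Added example: audit the sunrpc module-blocking mitigation (modprobe.d syntax).

# module_block_status DIR [MODULE] prints one of:
#   blocked         "install MODULE /bin/false" (or /bin/true) is present, so
#                   modprobe runs that command instead of loading the module
#   blacklist-only  only "blacklist MODULE": alias-based autoloading stops, but
#                   an explicit modprobe or a dependent module still loads it
#   unprotected     no relevant directive in DIR/*.conf
module_block_status() {
    local dir="$1" mod="${2:-sunrpc}" state=unprotected f kw name cmd rest
    for f in "$dir"/*.conf; do
        [ -f "$f" ] || continue
        # The "|| [ -n ... ]" part keeps a final line that lacks a newline.
        while read -r kw name cmd rest || [ -n "$kw" ]; do
            [ "$name" = "$mod" ] || continue
            case "$kw:${cmd##*/}" in
                install:false|install:true)
                    state=blocked ;;
                blacklist:*)
                    [ "$state" = blocked ] || state=blacklist-only ;;
            esac
        done < "$f"
    done
    echo "$state"
}

# module_loaded [MODULE] [FILE]: succeeds if MODULE is listed in FILE, which
# uses the /proc/modules format (module name in the first field).
module_loaded() {
    awk -v m="${1:-sunrpc}" '$1 == m { found = 1 } END { exit !found }' \
        "${2:-/proc/modules}" 2>/dev/null
}

# Live audit of the main directories modprobe reads. A configuration change
# does not unload a module that is already resident.
for d in /etc/modprobe.d /run/modprobe.d /usr/lib/modprobe.d; do
    echo "$d: $(module_block_status "$d")"
done
if module_loaded sunrpc; then
    echo "sunrpc is loaded in the running kernel"
fi
```

A host that reports `blacklist-only` or still has the module loaded remains exposed until the `install` override is added and the module is unloaded or the host is rebooted.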

Errata / fixed releases

| Product | Package | Advisory | Released |
| --- | --- | --- | --- |
| Red Hat Enterprise Linux 8 | kernel-rt-0:4.18.0-425.3.1.rt7.213.el8 | RHSA-2022:7444 | 2022-11-08T00:00:00Z |
| Red Hat Enterprise Linux 8 | kernel-0:4.18.0-425.3.1.el8 | RHSA-2022:7683 | 2022-11-08T00:00:00Z |
| Red Hat Enterprise Linux 8.6 Extended Update Support | kernel-0:4.18.0-372.91.1.el8_6 | RHSA-2024:0724 | 2024-02-07T00:00:00Z |
| Red Hat Enterprise Linux 9 | kernel-0:5.14.0-162.6.1.el9_1 | RHSA-2022:8267 | 2022-11-15T00:00:00Z |
| Red Hat Enterprise Linux 9 | kernel-rt-0:5.14.0-162.6.1.rt21.168.el9_1 | RHSA-2022:7933 | 2022-11-15T00:00:00Z |
| Red Hat Virtualization 4 for Red Hat Enterprise Linux 8 | kernel-0:4.18.0-372.91.1.el8_6 | RHSA-2024:0724 | 2024-02-07T00:00:00Z |

Package state

| Product | Package | State |
| --- | --- | --- |
| Red Hat Enterprise Linux 6 | kernel | Out of support scope |
| Red Hat Enterprise Linux 7 | kernel | Out of support scope |
| Red Hat Enterprise Linux 7 | kernel-rt | Out of support scope |

Apply commands

Apply RHSA-2022:7444 for Red Hat Enterprise Linux 8:

```bash
yum update -y kernel-rt
# or:
dnf upgrade -y kernel-rt
# Reboot afterwards so the system runs the updated kernel.
```

OS impact

| OS | Version | Status | Fixed in |
| --- | --- | --- | --- |
| redhat rhel | 9 | fixed | |
| almalinux almalinux | 9 | fixed | kernel-rt-debug-core-5.14.0-162.6.1.rt21.168.el9_1.x86_64.rpm |
| rockylinux rocky | 8 | fixed | |
| suse sles | | affected | |
| debian debian | bookworm | fixed | 5.17.3-1 |
| debian debian | bullseye | fixed | 5.10.120-1 |
| debian debian | forky | fixed | 5.17.3-1 |
| debian debian | sid | fixed | 5.17.3-1 |
| debian debian | trixie | fixed | 5.17.3-1 |
| almalinux almalinux | 8 | fixed | kernel-doc-4.18.0-425.3.1.el8.noarch.rpm |
