CVE & CISA-KEV Catalog

CVE-2022-49917

HIGH
7.8
CVSS v3
NVD

Description

In the Linux kernel, the following vulnerability has been resolved: ipvs: fix WARNING in ip_vs_app_net_cleanup() During the initialization of ip_vs_app_net_init(), if file ip_vs_app fails to be created, the initialization is successful by default. Therefore, the ip_vs_app file doesn't be found during the remove in ip_vs_app_net_cleanup(). It will cause WRNING. The following is the stack information: name 'ip_vs_app' WARNING: CPU: 1 PID: 9 at fs/proc/generic.c:712 remove_proc_entry+0x389/0x460 Modules linked in: Workqueue: netns cleanup_net RIP: 0010:remove_proc_entry+0x389/0x460 Call Trace: <TASK> ops_exit_list+0x125/0x170 cleanup_net+0x4ea/0xb00 process_one_work+0x9bf/0x1710 worker_thread+0x665/0x1080 kthread+0x2e4/0x3a0 ret_from_fork+0x1f/0x30 </TASK>

How to fix

Remediation Available
linuxDebian
Fixed in:5.10.158-1CVE-2022-49917
Fixed in:6.0.8-1CVE-2022-49917
Fixed in:6.0.8-1CVE-2022-49917
Fixed in:6.0.8-1CVE-2022-49917

Remediation is compiled from vendor and distribution security advisories. Always confirm against the linked source for your exact version and platform.

CVSS v3 Vector

Exploitability

Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged

Impact

ConfidentialityHigh
IntegrityHigh
AvailabilityHigh

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploit Intelligence

0.18%probability of exploitation in 30 days
8thpercentile

Low risk: more likely to be exploited than 8% of all known CVEs.

References

Embed a live status badge for CVE-2022-49917
CVE-2022-49917 severity badge

Markdown

[![CVE-2022-49917](https://tridentstack.com/cve/badge/CVE-2022-49917.svg)](https://tridentstack.com/cve/CVE-2022-49917)

HTML

<a href="https://tridentstack.com/cve/CVE-2022-49917"><img src="https://tridentstack.com/cve/badge/CVE-2022-49917.svg" alt="CVE-2022-49917"></a>

Find and fix vulnerabilities across your fleet

TridentStack Control continuously scans your Windows, macOS, and Linux fleet for known vulnerabilities, prioritizes them by severity and active exploitation, and patches them automatically.

Start free

This product uses NVD data but is not endorsed or certified by the NVD. EPSS scores courtesy of FIRST.org (https://www.first.org/epss). Source: CISA KEV Catalog. Data as of 2025-11-12.