CVE-2022-48814: Vulnerability in Linux Linux
In the Linux kernel, the following vulnerability has been resolved: net: dsa: seville: register the mdiobus under devres As explained in commits: 74b6d7d13307 ("net: dsa: realtek: register the MDIO bus under devres") 5135e96a3dd2 ("net: dsa: don't allocate the slave_mii_bus using devres") mdiobus_free() will panic when called from devm_mdiobus_free() <- devres_release_all() <- __device_release_driver(), and that mdiobus was not previously unregistered. The Seville VSC9959 switch is a platform device, so the initial set of constraints that I thought would cause this (I2C or SPI buses which call ->remove on ->shutdown) do not apply. But there is one more which applies here. If the DSA master itself is on a bus that calls ->remove from ->shutdown (like dpaa2-eth, which is on the fsl-mc bus), there is a device link between the switch and the DSA master, and device_links_unbind_consumers() will unbind the seville switch driver on shutdown. So the same treatment must be applied to all DSA switch drivers, which is: either use devres for both the mdiobus allocation and registration, or don't use devres at all. The seville driver has a code structure that could accommodate both the mdiobus_unregister and mdiobus_free calls, but it has an external dependency upon mscc_miim_setup() from mdio-mscc-miim.c, which calls devm_mdiobus_alloc_size() on its behalf. So rather than restructuring that, and exporting yet one more symbol mscc_miim_teardown(), let's work with devres and replace of_mdiobus_register with the devres variant. When we use all-devres, we can ensure that devres doesn't free a still-registered bus (it either runs both callbacks, or none).
AI Analysis
Technical Summary
CVE-2022-48814 is a vulnerability identified in the Linux kernel's Distributed Switch Architecture (DSA) subsystem, specifically affecting the Seville VSC9959 switch driver. The issue arises from improper resource management related to the registration and unregistration of the MDIO bus (Management Data Input/Output bus) under the device resource management (devres) framework. The vulnerability is rooted in the fact that mdiobus_free() can cause a kernel panic when invoked via devm_mdiobus_free() if the MDIO bus was not previously unregistered. This scenario can occur during device shutdown sequences where device links between the DSA master and the switch cause the switch driver to be unbound prematurely. The Seville switch is a platform device, and its interaction with the DSA master on buses that call ->remove during ->shutdown (such as dpaa2-eth on the fsl-mc bus) leads to this problematic state. The root cause is inconsistent use of devres for allocating and registering the MDIO bus across different DSA switch drivers, which can result in devres attempting to free a still-registered bus, triggering a kernel panic. The fix involves standardizing the use of devres for both allocation and registration of the MDIO bus to ensure that devres callbacks are executed atomically, preventing partial cleanup states. This vulnerability is a kernel-level resource management flaw that can lead to system instability or denial of service due to kernel panics during device shutdown or removal sequences involving affected hardware and drivers.
Potential Impact
For European organizations, this vulnerability poses a risk primarily to systems running Linux kernels with the affected DSA drivers, particularly those utilizing the Seville VSC9959 switch or similar hardware configurations. The impact is a potential denial of service (DoS) condition caused by kernel panics during device shutdown or removal, which could disrupt network infrastructure components relying on these switches. Organizations with embedded Linux systems, network appliances, or industrial control systems using affected hardware may experience unexpected reboots or downtime. While this vulnerability does not directly lead to privilege escalation or data leakage, the resulting instability can affect availability of critical network services. In sectors such as telecommunications, manufacturing, and critical infrastructure—where Linux-based network devices are common—this could translate into operational disruptions. Additionally, the complexity of the issue means that it may be triggered during routine maintenance or updates, increasing the risk of unplanned outages. European organizations with stringent uptime requirements or those operating in regulated environments must consider this vulnerability seriously to maintain service continuity.
Mitigation Recommendations
To mitigate CVE-2022-48814, organizations should: 1) Apply the latest Linux kernel patches that address this issue, ensuring that the DSA drivers use devres consistently for MDIO bus allocation and registration. 2) Audit and update custom or vendor-specific kernel modules related to DSA switches to confirm they follow the recommended devres usage patterns. 3) Test kernel updates in controlled environments to verify that device shutdown and removal sequences no longer trigger kernel panics. 4) For embedded or specialized systems where kernel updates are delayed, implement monitoring to detect kernel panics or unexpected reboots related to device removal events. 5) Coordinate with hardware vendors to obtain updated firmware or drivers that incorporate the fix. 6) Document and plan maintenance windows carefully to minimize impact during patch deployment, especially in production environments with critical network infrastructure. 7) Consider isolating or segmenting affected devices to reduce the blast radius of potential DoS conditions until patches are applied.
Affected Countries
Germany, France, United Kingdom, Netherlands, Sweden, Finland, Italy, Spain
CVE-2022-48814: Vulnerability in Linux Linux
Description
In the Linux kernel, the following vulnerability has been resolved: net: dsa: seville: register the mdiobus under devres As explained in commits: 74b6d7d13307 ("net: dsa: realtek: register the MDIO bus under devres") 5135e96a3dd2 ("net: dsa: don't allocate the slave_mii_bus using devres") mdiobus_free() will panic when called from devm_mdiobus_free() <- devres_release_all() <- __device_release_driver(), and that mdiobus was not previously unregistered. The Seville VSC9959 switch is a platform device, so the initial set of constraints that I thought would cause this (I2C or SPI buses which call ->remove on ->shutdown) do not apply. But there is one more which applies here. If the DSA master itself is on a bus that calls ->remove from ->shutdown (like dpaa2-eth, which is on the fsl-mc bus), there is a device link between the switch and the DSA master, and device_links_unbind_consumers() will unbind the seville switch driver on shutdown. So the same treatment must be applied to all DSA switch drivers, which is: either use devres for both the mdiobus allocation and registration, or don't use devres at all. The seville driver has a code structure that could accommodate both the mdiobus_unregister and mdiobus_free calls, but it has an external dependency upon mscc_miim_setup() from mdio-mscc-miim.c, which calls devm_mdiobus_alloc_size() on its behalf. So rather than restructuring that, and exporting yet one more symbol mscc_miim_teardown(), let's work with devres and replace of_mdiobus_register with the devres variant. When we use all-devres, we can ensure that devres doesn't free a still-registered bus (it either runs both callbacks, or none).
AI-Powered Analysis
Technical Analysis
CVE-2022-48814 is a vulnerability identified in the Linux kernel's Distributed Switch Architecture (DSA) subsystem, specifically affecting the Seville VSC9959 switch driver. The issue arises from improper resource management related to the registration and unregistration of the MDIO bus (Management Data Input/Output bus) under the device resource management (devres) framework. The vulnerability is rooted in the fact that mdiobus_free() can cause a kernel panic when invoked via devm_mdiobus_free() if the MDIO bus was not previously unregistered. This scenario can occur during device shutdown sequences where device links between the DSA master and the switch cause the switch driver to be unbound prematurely. The Seville switch is a platform device, and its interaction with the DSA master on buses that call ->remove during ->shutdown (such as dpaa2-eth on the fsl-mc bus) leads to this problematic state. The root cause is inconsistent use of devres for allocating and registering the MDIO bus across different DSA switch drivers, which can result in devres attempting to free a still-registered bus, triggering a kernel panic. The fix involves standardizing the use of devres for both allocation and registration of the MDIO bus to ensure that devres callbacks are executed atomically, preventing partial cleanup states. This vulnerability is a kernel-level resource management flaw that can lead to system instability or denial of service due to kernel panics during device shutdown or removal sequences involving affected hardware and drivers.
Potential Impact
For European organizations, this vulnerability poses a risk primarily to systems running Linux kernels with the affected DSA drivers, particularly those utilizing the Seville VSC9959 switch or similar hardware configurations. The impact is a potential denial of service (DoS) condition caused by kernel panics during device shutdown or removal, which could disrupt network infrastructure components relying on these switches. Organizations with embedded Linux systems, network appliances, or industrial control systems using affected hardware may experience unexpected reboots or downtime. While this vulnerability does not directly lead to privilege escalation or data leakage, the resulting instability can affect availability of critical network services. In sectors such as telecommunications, manufacturing, and critical infrastructure—where Linux-based network devices are common—this could translate into operational disruptions. Additionally, the complexity of the issue means that it may be triggered during routine maintenance or updates, increasing the risk of unplanned outages. European organizations with stringent uptime requirements or those operating in regulated environments must consider this vulnerability seriously to maintain service continuity.
Mitigation Recommendations
To mitigate CVE-2022-48814, organizations should: 1) Apply the latest Linux kernel patches that address this issue, ensuring that the DSA drivers use devres consistently for MDIO bus allocation and registration. 2) Audit and update custom or vendor-specific kernel modules related to DSA switches to confirm they follow the recommended devres usage patterns. 3) Test kernel updates in controlled environments to verify that device shutdown and removal sequences no longer trigger kernel panics. 4) For embedded or specialized systems where kernel updates are delayed, implement monitoring to detect kernel panics or unexpected reboots related to device removal events. 5) Coordinate with hardware vendors to obtain updated firmware or drivers that incorporate the fix. 6) Document and plan maintenance windows carefully to minimize impact during patch deployment, especially in production environments with critical network infrastructure. 7) Consider isolating or segmenting affected devices to reduce the blast radius of potential DoS conditions until patches are applied.
Affected Countries
For access to advanced analysis and higher rate limits, contact root@offseq.com
Technical Details
- Data Version
- 5.1
- Assigner Short Name
- Linux
- Date Reserved
- 2024-07-16T11:38:08.899Z
- Cisa Enriched
- true
- Cvss Version
- null
- State
- PUBLISHED
Threat ID: 682d982ec4522896dcbe6260
Added to database: 5/21/2025, 9:09:02 AM
Last enriched: 6/30/2025, 10:10:01 PM
Last updated: 8/10/2025, 5:49:08 AM
Views: 10
Related Threats
CVE-2025-9060: CWE-20 Improper Input Validation in MSoft MFlash
CriticalCVE-2025-8675: CWE-918 Server-Side Request Forgery (SSRF) in Drupal AI SEO Link Advisor
MediumCVE-2025-8362: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in Drupal GoogleTag Manager
MediumCVE-2025-8361: CWE-962 Missing Authorization in Drupal Config Pages
HighCVE-2025-8092: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in Drupal COOKiES Consent Management
HighActions
Updates to AI analysis are available only with a Pro account. Contact root@offseq.com for access.
External Links
Need enhanced features?
Contact root@offseq.com for Pro access with improved analysis and higher rate limits.