Re: [PATCH vulns] CVE-2022-49501: Fix affected versions

On Thu, Jul 17, 2025 at 06:38:08PM +0800, He Zhe wrote:

As mentioned in the commit log of the fix, it is commit 2c9d6c2b871d ("usbnet: run unbind() before unregister_netdev()") that causes this CVE.

Signed-off-by: He Zhe zhe.he@windriver.com

cve/published/2022/CVE-2022-49501.vulnerable | 1 + 1 file changed, 1 insertion(+) create mode 100644 cve/published/2022/CVE-2022-49501.vulnerable

diff --git a/cve/published/2022/CVE-2022-49501.vulnerable b/cve/published/2022/CVE-2022-49501.vulnerable new file mode 100644 index 000000000..138b53caf --- /dev/null +++ b/cve/published/2022/CVE-2022-49501.vulnerable @@ -0,0 +1 @@

+2c9d6c2b871d5841ce26ede3e81fd37e2e33c42c

2.34.1

Applied and the record updated, thanks!

greg k-h