0.0
NA
CVE-2022-49181
Apache HTTP Server Cross-Site Scripting
Description

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

INFO

Published Date :

Feb. 26, 2025, 7 a.m.

Last Modified :

Feb. 26, 2025, 1:15 p.m.

Source :

416baaa9-dc9f-4396-8d5f-8c081fb06d67

Remotely Exploitable :

No

Impact Score :

Exploitability Score :

Affected Products

The following products are affected by CVE-2022-49181 vulnerability. Even if cvefeed.io is aware of the exact versions of the products that are affected, the information is not represented in the table below.

ID Vendor Product Action
1 Linux linux_kernel
: Total Affected Vendor : 1 | Products : 1

We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).

Results are limited to the first 15 repositories due to potential performance issues.

The following list is the news that have been mention CVE-2022-49181 vulnerability anywhere in the article.

The following table lists the changes that have been made to the CVE-2022-49181 vulnerability over time.

Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.

  • CVE Rejected by 416baaa9-dc9f-4396-8d5f-8c081fb06d67

    Feb. 26, 2025

    Action Type Old Value New Value
  • CVE Modified by 416baaa9-dc9f-4396-8d5f-8c081fb06d67

    Feb. 26, 2025

    Action Type Old Value New Value
    Changed Description In the Linux kernel, the following vulnerability has been resolved: xen: fix is_xen_pmu() is_xen_pmu() is taking the cpu number as parameter, but it is not using it. Instead it just tests whether the Xen PMU initialization on the current cpu did succeed. As this test is done by checking a percpu pointer, preemption needs to be disabled in order to avoid switching the cpu while doing the test. While resuming from suspend() this seems not to be the case: [ 88.082751] ACPI: PM: Low-level resume complete [ 88.087933] ACPI: EC: EC started [ 88.091464] ACPI: PM: Restoring platform NVS memory [ 88.097166] xen_acpi_processor: Uploading Xen processor PM info [ 88.103850] Enabling non-boot CPUs ... [ 88.108128] installing Xen timer for CPU 1 [ 88.112763] BUG: using smp_processor_id() in preemptible [00000000] code: systemd-sleep/7138 [ 88.122256] caller is is_xen_pmu+0x12/0x30 [ 88.126937] CPU: 0 PID: 7138 Comm: systemd-sleep Tainted: G W 5.16.13-2.fc32.qubes.x86_64 #1 [ 88.137939] Hardware name: Star Labs StarBook/StarBook, BIOS 7.97 03/21/2022 [ 88.145930] Call Trace: [ 88.148757] <TASK> [ 88.151193] dump_stack_lvl+0x48/0x5e [ 88.155381] check_preemption_disabled+0xde/0xe0 [ 88.160641] is_xen_pmu+0x12/0x30 [ 88.164441] xen_smp_intr_init_pv+0x75/0x100 Fix that by replacing is_xen_pmu() by a simple boolean variable which reflects the Xen PMU initialization state on cpu 0. Modify xen_pmu_init() to return early in case it is being called for a cpu other than cpu 0 and the boolean variable not being set. Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
    Removed Reference kernel.org: https://git.kernel.org/stable/c/26911a822148bef5dcfc55e7df49cb05a18737e3
    Removed Reference kernel.org: https://git.kernel.org/stable/c/980bc42812c0a4788aee4b519bc911bfb911c23c
    Removed Reference kernel.org: https://git.kernel.org/stable/c/ab2c789d1c0a3d0a682f7aa287754193471ff9f8
    Removed Reference kernel.org: https://git.kernel.org/stable/c/af884b276b08e2b7e74c2b9208df35f36fa6a54c
    Removed Reference kernel.org: https://git.kernel.org/stable/c/d533c4a2e8c4ca3a0fe84d295a7bd43af1931028
    Removed Reference kernel.org: https://git.kernel.org/stable/c/de2ae403b4c0e79a3410e63bc448542fbb9f9bfc
    Removed Reference kernel.org: https://git.kernel.org/stable/c/e9445a7a59d84ed3ae6c85f299d2a6c4930b1ee9
    Removed Reference kernel.org: https://git.kernel.org/stable/c/e9f72105cf4a16bb185093b60fc12dbc82fe15b5
  • New CVE Received by 416baaa9-dc9f-4396-8d5f-8c081fb06d67

    Feb. 26, 2025

    Action Type Old Value New Value
    Added Description In the Linux kernel, the following vulnerability has been resolved: xen: fix is_xen_pmu() is_xen_pmu() is taking the cpu number as parameter, but it is not using it. Instead it just tests whether the Xen PMU initialization on the current cpu did succeed. As this test is done by checking a percpu pointer, preemption needs to be disabled in order to avoid switching the cpu while doing the test. While resuming from suspend() this seems not to be the case: [ 88.082751] ACPI: PM: Low-level resume complete [ 88.087933] ACPI: EC: EC started [ 88.091464] ACPI: PM: Restoring platform NVS memory [ 88.097166] xen_acpi_processor: Uploading Xen processor PM info [ 88.103850] Enabling non-boot CPUs ... [ 88.108128] installing Xen timer for CPU 1 [ 88.112763] BUG: using smp_processor_id() in preemptible [00000000] code: systemd-sleep/7138 [ 88.122256] caller is is_xen_pmu+0x12/0x30 [ 88.126937] CPU: 0 PID: 7138 Comm: systemd-sleep Tainted: G W 5.16.13-2.fc32.qubes.x86_64 #1 [ 88.137939] Hardware name: Star Labs StarBook/StarBook, BIOS 7.97 03/21/2022 [ 88.145930] Call Trace: [ 88.148757] <TASK> [ 88.151193] dump_stack_lvl+0x48/0x5e [ 88.155381] check_preemption_disabled+0xde/0xe0 [ 88.160641] is_xen_pmu+0x12/0x30 [ 88.164441] xen_smp_intr_init_pv+0x75/0x100 Fix that by replacing is_xen_pmu() by a simple boolean variable which reflects the Xen PMU initialization state on cpu 0. Modify xen_pmu_init() to return early in case it is being called for a cpu other than cpu 0 and the boolean variable not being set.
    Added Reference https://git.kernel.org/stable/c/26911a822148bef5dcfc55e7df49cb05a18737e3
    Added Reference https://git.kernel.org/stable/c/980bc42812c0a4788aee4b519bc911bfb911c23c
    Added Reference https://git.kernel.org/stable/c/ab2c789d1c0a3d0a682f7aa287754193471ff9f8
    Added Reference https://git.kernel.org/stable/c/af884b276b08e2b7e74c2b9208df35f36fa6a54c
    Added Reference https://git.kernel.org/stable/c/d533c4a2e8c4ca3a0fe84d295a7bd43af1931028
    Added Reference https://git.kernel.org/stable/c/de2ae403b4c0e79a3410e63bc448542fbb9f9bfc
    Added Reference https://git.kernel.org/stable/c/e9445a7a59d84ed3ae6c85f299d2a6c4930b1ee9
    Added Reference https://git.kernel.org/stable/c/e9f72105cf4a16bb185093b60fc12dbc82fe15b5
EPSS is a daily estimate of the probability of exploitation activity being observed over the next 30 days. Following chart shows the EPSS score history of the vulnerability.
CWE - Common Weakness Enumeration

While CVE identifies specific instances of vulnerabilities, CWE categorizes the common flaws or weaknesses that can lead to vulnerabilities. CVE-2022-49181 is associated with the following CWEs:

Common Attack Pattern Enumeration and Classification (CAPEC)

Common Attack Pattern Enumeration and Classification (CAPEC) stores attack patterns, which are descriptions of the common attributes and approaches employed by adversaries to exploit the CVE-2022-49181 weaknesses.

NONE - Vulnerability Scoring System
:
© cvefeed.io
Latest DB Update: Apr. 24, 2025 23:41