
Cloud Vulnerability DB
A community-led vulnerabilities database
CVE-2022-49859 is a vulnerability in the Linux kernel's LAPB (Link Access Procedure Balanced) Ethernet implementation. The issue was discovered and disclosed on May 1, 2025. The vulnerability affects the net/lapbether subsystem, specifically in the lapbeth_open() function. This vulnerability impacts various Linux kernel versions, particularly affecting systems running Ubuntu 22.04 LTS and related distributions (Ubuntu Security, NVD).
The vulnerability occurs when lapb_register() fails during the first attempt to bring up a LAPB device. In this scenario, NAPI (New API) is not properly disabled, so the second attempt to bring the device up triggers an invalid opcode. The kernel reports "kernel BUG at net/core/dev.c:6442!" followed by "invalid opcode: 0000 [#1] PREEMPT SMP KASAN". The vulnerability has been assigned a CVSS v3.1 base score of 5.5 with the vector AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H (Red Hat Security).
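The sequence described above can be followed in a simplified userspace model. This is an added example, not kernel code or code from the advisory: napi_model, lapb_register_stub, open_unpatched and open_patched are hypothetical names, and the patched variant assumes the correction is to disable NAPI on the error path.

```c
#include <stdbool.h>
#include <stdio.h>

/* Userspace stand-in for NAPI state; only enabled/disabled matters here. */
struct napi_model { bool disabled; bool bug_hit; };

/* Model of napi_enable(): enabling an instance that is not disabled is the
 * BUG condition; it is recorded in bug_hit instead of halting. */
static void napi_enable(struct napi_model *n)
{
    if (!n->disabled) { n->bug_hit = true; return; }
    n->disabled = false;
}
static void napi_disable(struct napi_model *n) { n->disabled = true; }

/* Constructed stub: registration fails on the first call, succeeds afterwards. */
static int lapb_register_stub(int *calls) { return (*calls)++ == 0 ? -1 : 0; }

/* Open path as the advisory describes it: the error return leaves NAPI enabled. */
static int open_unpatched(struct napi_model *n, int *calls)
{
    napi_enable(n);
    if (lapb_register_stub(calls) != 0)
        return -1;
    return 0;
}

/* Corrected path (assumed fix): undo napi_enable() before returning the error. */
static int open_patched(struct napi_model *n, int *calls)
{
    napi_enable(n);
    if (lapb_register_stub(calls) != 0) {
        napi_disable(n);
        return -1;
    }
    return 0;
}

/* Bring the device up twice; true if the second attempt hits the BUG condition. */
static bool second_open_hits_bug(int (*open_fn)(struct napi_model *, int *))
{
    struct napi_model n = { .disabled = true, .bug_hit = false };
    int calls = 0;
    (void)open_fn(&n, &calls);  /* first up: registration fails */
    (void)open_fn(&n, &calls);  /* second up: NAPI state decides the outcome */
    return n.bug_hit;
}

int main(void)
{
    printf("unpatched=%d patched=%d\n", second_open_hits_bug(open_unpatched),
           second_open_hits_bug(open_patched));
    return 0;
}
```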
The vulnerability can lead to system instability and potential denial of service conditions when attempting to bring up LAPB devices. The CVSS metrics indicate that while the vulnerability requires local access and low privileges, it can result in high availability impact to the affected system (Red Hat Security).
Multiple Linux distributions have released patches to address this vulnerability. Ubuntu has fixed the issue in version 5.15.0-67.74 for Ubuntu 22.04 LTS and related kernel versions. Various other Ubuntu kernels including linux-aws (5.15.0-1031.35), linux-azure (5.15.0-1034.41), and linux-gke (5.15.0-1028.33) have also received patches (Ubuntu Security).
Source: This report was generated using AI