CVE-2022-49426

HIGH7.8

iommu/arm-smmu-v3-sva: Fix mm use-after-free

Published Feb 26, 2025

Modified 10 months ago

Details

In the Linux kernel, the following vulnerability has been resolved:

iommu/arm-smmu-v3-sva: Fix mm use-after-free

We currently call arm64_mm_context_put() without holding a reference to the mm, which can result in use-after-free. Call mmgrab()/mmdrop() to ensure the mm only gets freed after we unpinned the ASID.

References

WEB

https://git.kernel.org/stable/c/9aa215450888cf29af0c479e14a712dc6b0c506c

WEB

https://git.kernel.org/stable/c/cbd23144f7662b00bcde32a938c4a4057e476d68

WEB

https://git.kernel.org/stable/c/e3cbbdbff8a4db5d053c53fd71be62ccccdb52b0

WEB

https://git.kernel.org/stable/c/fc90f13ea0dcd960e5002d204fa55cec4e0db2fa

ADVISORY

https://www.cve.org/CVERecord?id=CVE-2022-49426

CVSS Analysis

CVSS v3.1

7.8

Exploitability

Attack Vector

LocalAV:L

Attack Complexity

LowAC:L

Privileges Required

LowPR:L

User Interaction

NoneUI:N

Scope

UnchangedS:U

Impact

Confidentiality

HighC:H

Integrity

HighI:H

Availability

HighA:H

7.8/CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Ecosystems

Timeline

PublishedFeb 26, 2025

ModifiedMay 4, 2025

CVE-2022-49426 | Mondoo Vulnerability Intelligence