Linux · Linux Kernel · CVE-2022-49053
**Name of the Vulnerable Software and Affected Versions**
Linux kernel (affected versions not specified)
**Description**
A issue in the Linux kernel has been identified where the `tcmu try get data page()` function does not properly take a reference count on pages under `cmdr lock`, potentially leading to a page use-after-free (UAF) scenario. This can occur when `tcmu blocks release()` frees the page after `tcmu try get data page()` returns the page pointer. To prevent this, it is necessary to call `get page()` under `cmdr lock` to avoid concurrent `tcmu blocks release()` calls.
**Recommendations**
At the moment, there is no information about a newer version that contains a fix for this vulnerability.