PT-2021-1527 · Linux+9 · Linux Kernel+9

Published

2021-07-07

·

Updated

2023-07-21

·

CVE-2022-41222

CVSS v3.1

7.0

High

VectorAV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 5.13.3
Description The issue is related to a use-after-free via a stale TLB because an rmap lock is not held during a PUD move in the mm/mremap.c file. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation.
Recommendations For Linux kernel versions prior to 5.13.3, update to version 5.13.3 or later to resolve the issue. As a temporary workaround, consider applying configuration changes to minimize the risk of exploitation, although specific details are not provided. At the moment, there is no additional information about other mitigation measures.

Exploit

Fix

Use After Free

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-416

Related Identifiers

ALSA-2023:0832
ALSA-2023:0854
ALT-PU-2021-2284
ALT-PU-2021-2486
ALT-PU-2021-2616
ALT-PU-2021-3563
ALT-PU-2021-3573
ALT-PU-2022-1240
ALT-PU-2022-1419
ALT-PU-2022-1421
ALT-PU-2023-1814
ASB-A-248354871
BDU:2022-06017
CESA-2023_0832
CESA-2023_0839
CESA-2023_0854
CVE-2022-41222
DLA-3173-1
LSN-0091-1
OPENSUSE-SU-2022_3609-1
OPENSUSE-SU-2022_3775-1
RHSA-2023:0832
RHSA-2023:0839
RHSA-2023:0854
RHSA-2023:1130
RHSA-2023:1192
RHSA-2023:3491
RHSA-2023_0832
RHSA-2023_0854
RLSA-2023:0832
RLSA-2023:0854
RXSA-2023:0832
SUSE-SU-2022:3606-1
SUSE-SU-2022:3607-1
SUSE-SU-2022:3609-1
SUSE-SU-2022:3648-1
SUSE-SU-2022:3657-1
SUSE-SU-2022:3704-1
SUSE-SU-2022:3775-1
SUSE-SU-2022:3809-1
USN-5728-1
USN-5728-2
USN-5728-3

Affected Products

Alt Linux
Almalinux
Astra Linux
Centos
Linuxmint
Linux Kernel
Red Hat
Rocky Linux
Suse
Ubuntu