CVE-2022-49988

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A vulnerability in the Linux kernel has been resolved, related to the binder alloc module. The issue involved missing mmap lock calls when using the VMA. Specifically, the mmap read lock() was not taken when using the VMA in binder alloc print pages() and when checking for a VMA in binder alloc new buf locked(). It is noted that binder alloc new buf locked() drops the VMA read lock after verifying a VMA exists, but it may be taken again deeper in the call stack if necessary.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.