CVE-2022-50035

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 5.20.0

Description A use-after-free issue has been identified in the Linux kernel, specifically in the drm/amdgpu component. This issue arises when amdgpu cs vm handling returns a non-zero value, causing the bo list mutex to be unlocked twice, resulting in a use-after-free problem. The issue is associated with the amdgpu cs ioctl function and can lead to a warning and potential system instability.

Recommendations For Linux kernel versions prior to 5.20.0, update to a newer version that includes the fix for the use-after-free issue on the amdgpu bo list mutex. As a temporary workaround, consider disabling the amdgpu cs vm handling function until a patch is available. Restrict access to the drm/amdgpu component to minimize the risk of exploitation. Avoid using the amdgpu cs ioctl function in sensitive operations until the issue is resolved.