CVE-2022-50128

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The issue concerns the Linux kernel, specifically the android binder component. It involves the unsafe practice of saving a pointer to a VMA outside of the mmap lock for later use. This can lead to failure paths after the recorded VMA pointer may be freed during setup, and there is no callback to clear the saved pointer. The VMA pointer may also become stale due to various VMA operations. To address this, the binder alloc struct has been modified to record the start address of the VMA, and vma lookup() is used to retrieve the VMA when needed. Additionally, lockdep mmap lock checks have been added to ensure the lock is held for synchronization.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.