PT-2025-7972 · Linux+4 · Linux Kernel+4

Mikulas Patocka

Published

2022-04-13

Updated

2025-09-29

CVE-2022-49044

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A memory corruption issue exists in the Linux kernel due to the dm-integrity setup, where the tag size parameter is less than the actual digest size. This causes dm-integrity to write beyond the end of the ic->recalc tags array, resulting in memory corruption. The corruption occurs in the integrity recalc function, specifically in the integrity sector checksum and crypto shash final functions.

Recommendations To resolve this issue, increase the size of the tags array to accommodate the full digest size for the last member of the tags array, ensuring enough padding at the end to prevent memory corruption. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Buffer Overflow

Memory Corruption

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-119CWE-787

Related Identifiers

ALSA-2025_16880

BDU:2026-03651

CESA-2022_5564

CESA-2022_7683

CVE-2022-49044

OESA-2025-1282

OPENSUSE-SU-2025_1263-1

RHSA-2022:5249

RHSA-2022:5564

RHSA-2022:7683

RHSA-2022_5249

RHSA-2022_5564

RHSA-2022_7683

SUSE-SU-2025:01600-1

SUSE-SU-2025:1027-1

SUSE-SU-2025:1176-1

SUSE-SU-2025:1183-1

SUSE-SU-2025:1194-1

SUSE-SU-2025:1241-1

SUSE-SU-2025:1263-1

SUSE-SU-2025_01600-1

SUSE-SU-2025_1027-1

SUSE-SU-2025_1241-1

SUSE-SU-2025_1263-1

Affected Products

Astra Linux

Centos

Linux Kernel

Red Hat

Suse

PT-2025-7972 · Linux+4 · Linux Kernel+4

CVE-2022-49044

Weakness Enumeration

Related Identifiers

Affected Products

References · 1506