CVE-2022-49052

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A vulnerability in the Linux kernel has been resolved, which could allow user processes to be corrupted by seeing zeroed pages unexpectedly under certain conditions. This issue occurs when two processes are cloned under CLONE VM and one process is accessing a swap page while the other is freeing the swap slot. The problem arises because the swap slot free notify function does not increase the refcount of the swap slot, making it unreliable for synchronizing swap slot freeing. The patch removes this function and relies on the page table lock for synchronization, ensuring that correct data is seen by the processes.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.