CVE-2022-49067

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A vulnerability in the Linux kernel has been identified, specifically related to the virt addr valid() function on 64-bit Book3E and 32-bit systems. The issue arises because pa() returns 0 for vmalloc space addresses, causing virt to pfn() and subsequently virt addr valid() to return incorrect results. This can lead to bugs with hardened usercopy, as demonstrated by a BUG occurrence when running ethtool eth0 on 64-bit Book3E. The problem is caused by virt addr valid() returning true for vmalloc addresses that alias with a valid PFN. To fix this, extra checks have been added to virt addr valid() to ensure the virtual address is below high memory and above PAGE OFFSET for 64-bit systems, and similar checks are applied for 32-bit systems.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.