PT-2025-8004 · Linux+2 · Linux Kernel+2

Douglas Miller

Published

2022-04-08

Updated

2025-04-15

CVE-2022-49076

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A use-after-free bug has been identified in the Linux kernel, specifically in the hfi1 cleanup code. Under certain conditions, such as MPI Abort, the last reference to the task mm may be dropped, allowing the mm to be freed before its final use. This can lead to problems, including corruption of the mmap sem counter, resulting in a hang, or corruption of an mm struct that is in use by another task.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Use After Free

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-416

Related Identifiers

BDU:2025-04429

CVE-2022-49076

OPENSUSE-SU-2025_1263-1

SUSE-SU-2025:0834-1

SUSE-SU-2025:1027-1

SUSE-SU-2025:1176-1

SUSE-SU-2025:1183-1

SUSE-SU-2025:1194-1

SUSE-SU-2025:1241-1

SUSE-SU-2025:1263-1

SUSE-SU-2025_0834-1

SUSE-SU-2025_1027-1

SUSE-SU-2025_1241-1

SUSE-SU-2025_1263-1

Affected Products

Astra Linux

Linux Kernel

Suse

PT-2025-8004 · Linux+2 · Linux Kernel+2

CVE-2022-49076

Weakness Enumeration

Related Identifiers

Affected Products

References · 1497