PT-2025-8293 · Linux+2 · Linux Kernel+2

Steven Price

Published

2022-01-01

Updated

2026-05-26

CVE-2022-49359

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A use-after-free issue exists in the Linux kernel, specifically in the drm/panfrost component. This occurs because a job structure references panfrost priv to access the MMU context, even after panfrost priv has been freed. This can lead to a crash. The issue arises from the job structure holding a reference to panfrost priv instead of the MMU structure itself.

Recommendations To resolve this issue, update the job structure to directly reference the MMU structure instead of panfrost priv. This involves dropping the reference to panfrost priv in the job structure and adding a direct reference to the MMU structure. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Use After Free

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-416

Related Identifiers

AZL-59142

BDU:2025-10580

CVE-2022-49359

SUSE-SU-2025:1176-1

SUSE-SU-2025:1241-1

SUSE-SU-2025_1241-1

Affected Products

Debian

Linux Kernel

Suse

PT-2025-8293 · Linux+2 · Linux Kernel+2

CVE-2022-49359

Weakness Enumeration

Related Identifiers

Affected Products

References · 1307