PT-2025-8361 · Linux+2 · Linux Kernel+2

Hsin-Yi Wang

Published

2022-05-04

Updated

2025-04-14

CVE-2022-49427

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to the version containing the commit b34ea31fe013

Description A vulnerability in the Linux kernel has been resolved. The issue was related to the iommu clock control in the mtk iommu remove function. After a specific commit, the iommu clock is controlled by the runtime callback, thus removing the need for clk control in the mtk iommu remove function. Without this fix, a warning would occur when unbinding the mtk-iommu driver, resulting in a call trace and a warning message indicating that the vpp0 smi iommu is already disabled.

Recommendations For Linux kernel versions prior to the version containing the commit b34ea31fe013, update to a version that includes this commit to resolve the issue. As a temporary workaround, consider avoiding the removal of the mtk-iommu driver to prevent the warning message.

Exploit

Fix

Improper Access Control

Incorrect Privilege Assignment

Information Disclosure

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-284CWE-266CWE-200

Related Identifiers

BDU:2026-03680

CVE-2022-49427

SUSE-SU-2025:1027-1

SUSE-SU-2025:1176-1

SUSE-SU-2025:1183-1

SUSE-SU-2025:1241-1

SUSE-SU-2025_1027-1

SUSE-SU-2025_1241-1

Affected Products

Astra Linux

Linux Kernel

Suse

PT-2025-8361 · Linux+2 · Linux Kernel+2

CVE-2022-49427

Weakness Enumeration

Related Identifiers

Affected Products

References · 1333