PT-2025-8459 · Linux+2 · Linux Kernel+2

Dan Carpenter +1 · Published 2022-04-25 · Updated 2025-04-16 · CVE-2022-49526

CVSS v3.1: 5.5 (Medium)

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions

Linux kernel versions prior to the version that includes the fix for the md/bitmap vulnerability

Description

A vulnerability in the Linux kernel has been identified, which can cause a kernel crash when the bitmap area contains invalid data. This issue is specific to clustered environments and occurs when the kernel space handles bitmap slot information. The crash is triggered by a divide error in the md_bitmap_create function, which is called by md_bitmap_read_sb. The vulnerability can be exploited by modifying the bitmap data, leading to a segmentation fault.

Recommendations

To resolve this issue, update the Linux kernel to a version that includes the fix for the md/bitmap vulnerability. As a temporary workaround, consider avoiding the use of clustered environments or restricting access to the md_bitmap_create function until a patch is available.

Exploit

Fix

NULL Pointer Dereference

Buffer Overflow

Weakness Enumeration

Related Identifiers

BDU:2026-02570
CVE-2022-49526
OESA-2025-1282
OPENSUSE-SU-2025_1263-1
SUSE-SU-2025:1027-1
SUSE-SU-2025:1176-1
SUSE-SU-2025:1183-1
SUSE-SU-2025:1194-1
SUSE-SU-2025:1241-1
SUSE-SU-2025:1263-1
SUSE-SU-2025:1293-1
SUSE-SU-2025_1027-1
SUSE-SU-2025_1241-1
SUSE-SU-2025_1263-1
SUSE-SU-2025_1293-1

Affected Products

Astra Linux
Linux Kernel
Suse