PT-2025-8643 · Linux+4 · Linux Kernel+4

Mikulas Patocka

Published

2022-06-16

Updated

2025-04-16

CVE-2022-49710

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A bug in the Linux kernel's dm-log code has been identified, where the region bitmap size is rounded up to 32 bits, but the allocated region is accessed using unsigned long pointers by the function find next zero bit le. On 64-bit architectures, this may result in accessing 4 bytes beyond the allocated size.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Insufficient Verification of Data Authenticity

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-345

Related Identifiers

BDU:2026-03994

CESA-2022_7683

CVE-2022-49710

OPENSUSE-SU-2025_1263-1

RHSA-2022:7683

RHSA-2022:8267

RHSA-2022_7683

RHSA-2022_8267

SUSE-SU-2025:1027-1

SUSE-SU-2025:1176-1

SUSE-SU-2025:1183-1

SUSE-SU-2025:1194-1

SUSE-SU-2025:1241-1

SUSE-SU-2025:1263-1

SUSE-SU-2025:1293-1

SUSE-SU-2025_1027-1

SUSE-SU-2025_1241-1

SUSE-SU-2025_1263-1

SUSE-SU-2025_1293-1

Affected Products

Astra Linux

Centos

Linux Kernel

Red Hat

Suse

PT-2025-8643 · Linux+4 · Linux Kernel+4

CVE-2022-49710

Weakness Enumeration

Related Identifiers

Affected Products

References · 1500