CVE-2022-49004
MEDIUM EPSS 15.4%
Published Oct 21, 20241y ago · Modified Jun 17, 20261w ago
5.5 CVSS 3.1
Published Oct 21, 2024 1y ago
Last Modified Jun 17, 2026 1w ago
Description
In the Linux kernel, the following vulnerability has been resolved: riscv: Sync efi page table's kernel mappings before switching The EFI page table is initially created as a copy of the kernel page table. With VMAP_STACK enabled, kernel stacks are allocated in the vmalloc area: if the stack is allocated in a new PGD (one that was not present at the moment of the efi page table creation or not synced in a previous vmalloc fault), the kernel will take a trap when switching to the efi page table when the vmalloc kernel stack is accessed, resulting in a kernel panic. Fix that by updating the efi kernel mappings before switching to the efi page table.
CVSS Details
Base Score
Exploitability
Impact
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High
Threat Intelligence
EPSS Exploit Probability
15.4% percentile
Exploit & Patch Status
No Known Exploit
Patch Available
Affected Products 9
References 3
- git.kernel.org https://git.kernel.org/stable/c/3f105a742725a1b78766a55169f1d827732e62b8
- git.kernel.org https://git.kernel.org/stable/c/96f479383d92944406d4b3f2bc03c2f640def9f1
- git.kernel.org https://git.kernel.org/stable/c/fa7a7d185ef380546b4b1fed6f84f31dbae8cec7
Remediation
- git.kernel.org https://git.kernel.org/stable/c/3f105a742725a1b78766a55169f1d827732e62b8
- git.kernel.org https://git.kernel.org/stable/c/96f479383d92944406d4b3f2bc03c2f640def9f1
- git.kernel.org https://git.kernel.org/stable/c/fa7a7d185ef380546b4b1fed6f84f31dbae8cec7