CVE-2022-49053

HIGH EPSS 17.2%
Published Feb 26, 20251y ago · Modified Jun 17, 20262w ago
7.8 CVSS 3.1
High
Find Similar
Published Feb 26, 2025 1y ago
Last Modified Jun 17, 2026 2w ago

Description

In the Linux kernel, the following vulnerability has been resolved: scsi: target: tcmu: Fix possible page UAF tcmu_try_get_data_page() looks up pages under cmdr_lock, but it does not take refcount properly and just returns page pointer. When tcmu_try_get_data_page() returns, the returned page may have been freed by tcmu_blocks_release(). We need to get_page() under cmdr_lock to avoid concurrent tcmu_blocks_release().

CVSS Details

Base Score
7.8
Exploitability
1.8
Impact
5.9
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality High
Integrity High
Availability High

Threat Intelligence

EPSS Exploit Probability
17.2% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-416 Use After Free Memory Safety

Affected Products 7

VendorProductVersionRange
linuxlinux_kernel* <4.14.276
linuxlinux_kernel*≥4.15  –  <4.19.239
linuxlinux_kernel*≥4.20  –  <5.4.190
linuxlinux_kernel*≥5.5  –  <5.10.112
linuxlinux_kernel*≥5.11  –  <5.15.35
linuxlinux_kernel*≥5.16  –  <5.17.4
linuxlinux_kernel5.18any

References 7

  • git.kernel.org https://git.kernel.org/stable/c/a6968f7a367f128d120447360734344d5a3d5336
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/a9564d84ed9f6ee71017d062d0d2182154294a4b
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/aec36b98a1bbaa84bfd8299a306e4c12314af626
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/b7f3b5d70c834f49f7d87a2f2ed1c6284d9a0322
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/d7c5d79e50be6e06b669141e3db1f977a0dd4e8e
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/e3e0e067d5b34e4a68e3cc55f8eebc413f56f8ed
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/fb7a5115422fbd6a4d505e8844f1ef5529f10489
    Patch

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/a6968f7a367f128d120447360734344d5a3d5336
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/a9564d84ed9f6ee71017d062d0d2182154294a4b
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/aec36b98a1bbaa84bfd8299a306e4c12314af626
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/b7f3b5d70c834f49f7d87a2f2ed1c6284d9a0322
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/d7c5d79e50be6e06b669141e3db1f977a0dd4e8e
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/e3e0e067d5b34e4a68e3cc55f8eebc413f56f8ed
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/fb7a5115422fbd6a4d505e8844f1ef5529f10489
    Patch