CVE-2022-49077
MEDIUM EPSS 13.9%
Published Feb 26, 20251y ago · Modified Jun 17, 20262w ago
5.5 CVSS 3.1
Published Feb 26, 2025 1y ago
Last Modified Jun 17, 2026 2w ago
Description
In the Linux kernel, the following vulnerability has been resolved: mmmremap.c: avoid pointless invalidate_range_start/end on mremap(old_size=0) If an mremap() syscall with old_size=0 ends up in move_page_tables(), it will call invalidate_range_start()/invalidate_range_end() unnecessarily, i.e. with an empty range. This causes a WARN in KVM's mmu_notifier. In the past, empty ranges have been diagnosed to be off-by-one bugs, hence the WARNing. Given the low (so far) number of unique reports, the benefits of detecting more buggy callers seem to outweigh the cost of having to fix cases such as this one, where userspace is doing something silly. In this particular case, an early return from move_page_tables() is enough to fix the issue.
CVSS Details
Base Score
Exploitability
Impact
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High
Threat Intelligence
EPSS Exploit Probability
13.9% percentile
Exploit & Patch Status
No Known Exploit
Patch Available
Weaknesses 1
CWE-193
Affected Products 9
| Vendor | Product | Version | Range |
|---|---|---|---|
| linux | linux_kernel | * | <4.9.311 |
| linux | linux_kernel | * | ≥4.10 – <4.14.276 |
| linux | linux_kernel | * | ≥4.15 – <4.19.238 |
| linux | linux_kernel | * | ≥4.20 – <5.4.189 |
| linux | linux_kernel | * | ≥5.5 – <5.10.111 |
| linux | linux_kernel | * | ≥5.11 – <5.15.34 |
| linux | linux_kernel | * | ≥5.16 – <5.16.20 |
| linux | linux_kernel | * | ≥5.17 – <5.17.3 |
| linux | linux_kernel | 5.18 | any |
References 9
- git.kernel.org https://git.kernel.org/stable/c/01e67e04c28170c47700c2c226d732bbfedb1ad0
- git.kernel.org https://git.kernel.org/stable/c/04bc13dae4a27b8d030843c85ae452bb2f1d9c1f
- git.kernel.org https://git.kernel.org/stable/c/2358aa84ef6dafcf544a557caaa6b91afb4a0bd2
- git.kernel.org https://git.kernel.org/stable/c/7d659cb1763ff17d1c6ee082fa6feb4267c7a30b
- git.kernel.org https://git.kernel.org/stable/c/a04cb99c5d4668fe3f5c0e5b6da1cecd34c3f219
- git.kernel.org https://git.kernel.org/stable/c/a05540f3903bd8295e8c4cd90dd3d416239a115b
- git.kernel.org https://git.kernel.org/stable/c/c19d8de4e682ec4b0ea2b04a832cd8cc0be3bb31
- git.kernel.org https://git.kernel.org/stable/c/e2c328c2a8f9de8b761bd4025b66c63120c55761
- git.kernel.org https://git.kernel.org/stable/c/eeaf28e2a0128147d687237e59d5407ee1b14693
Remediation
- git.kernel.org https://git.kernel.org/stable/c/01e67e04c28170c47700c2c226d732bbfedb1ad0
- git.kernel.org https://git.kernel.org/stable/c/04bc13dae4a27b8d030843c85ae452bb2f1d9c1f
- git.kernel.org https://git.kernel.org/stable/c/2358aa84ef6dafcf544a557caaa6b91afb4a0bd2
- git.kernel.org https://git.kernel.org/stable/c/7d659cb1763ff17d1c6ee082fa6feb4267c7a30b
- git.kernel.org https://git.kernel.org/stable/c/a04cb99c5d4668fe3f5c0e5b6da1cecd34c3f219
- git.kernel.org https://git.kernel.org/stable/c/a05540f3903bd8295e8c4cd90dd3d416239a115b
- git.kernel.org https://git.kernel.org/stable/c/c19d8de4e682ec4b0ea2b04a832cd8cc0be3bb31
- git.kernel.org https://git.kernel.org/stable/c/e2c328c2a8f9de8b761bd4025b66c63120c55761
- git.kernel.org https://git.kernel.org/stable/c/eeaf28e2a0128147d687237e59d5407ee1b14693