CVE-2022-49828

MEDIUM EPSS 5.4%
Published May 1, 20251y ago · Modified Jun 17, 20262w ago
5.5 CVSS 3.1
Medium
Find Similar
Published May 1, 2025 1y ago
Last Modified Jun 17, 2026 2w ago

Description

In the Linux kernel, the following vulnerability has been resolved: hugetlbfs: don't delete error page from pagecache This change is very similar to the change that was made for shmem [1], and it solves the same problem but for HugeTLBFS instead. Currently, when poison is found in a HugeTLB page, the page is removed from the page cache. That means that attempting to map or read that hugepage in the future will result in a new hugepage being allocated instead of notifying the user that the page was poisoned. As [1] states, this is effectively memory corruption. The fix is to leave the page in the page cache. If the user attempts to use a poisoned HugeTLB page with a syscall, the syscall will fail with EIO, the same error code that shmem uses. For attempts to map the page, the thread will get a BUS_MCEERR_AR SIGBUS. [1]: commit a76054266661 ("mm: shmem: don't truncate page if memory failure happens")

CVSS Details

Base Score
5.5
Exploitability
1.8
Impact
3.6
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
5.4% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-401

Affected Products 6

VendorProductVersionRange
linuxlinux_kernel* <5.15.80
linuxlinux_kernel*≥5.16  –  <6.0.10
linuxlinux_kernel6.1any
linuxlinux_kernel6.1any
linuxlinux_kernel6.1any
linuxlinux_kernel6.1any

References 3

  • git.kernel.org https://git.kernel.org/stable/c/30571f28bb35c826219971c63bcf60d2517112ed
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/8625147cafaa9ba74713d682f5185eb62cb2aedb
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/ec667443b2dbc6cdbbac4073e51a17733158ec6a
    Patch

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/30571f28bb35c826219971c63bcf60d2517112ed
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/8625147cafaa9ba74713d682f5185eb62cb2aedb
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/ec667443b2dbc6cdbbac4073e51a17733158ec6a
    Patch