CVE-2022-41222
kernel: mm/mremap.c use-after-free vulnerability
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
3Exploited in Wild
-Decision
Descriptions
mm/mremap.c in the Linux kernel before 5.13.3 has a use-after-free via a stale TLB because an rmap lock is not held during a PUD move.
El archivo mm/mremap.c en el kernel de Linux versiones anteriores a 5.13.3, presenta un uso de memoria previamente liberada por medio de un TLB obsoleto porque un bloqueo rmap no es mantenido durante un movimiento PUD
A use-after-free flaw was found in the Linux kernel’s mm/mremap memory address space accounting source code in how a race condition happens between rmap walk and mremap. This flaw allows a local user to crash or potentially escalate their privileges on the system.
Red Hat Advanced Cluster Management for Kubernetes 2.5.8 images Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console—with security policy built in. This advisory contains the container images for Red Hat Advanced Cluster Management for Kubernetes, which fix several bugs. Issues addressed include a denial of service vulnerability.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2022-09-21 CVE Reserved
- 2022-09-21 CVE Published
- 2022-09-22 First Exploit
- 2024-08-03 CVE Updated
- 2025-03-30 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-416: Use After Free
CAPEC
References (11)
| URL | Tag | Source |
|---|---|---|
| http://packetstormsecurity.com/files/168466/Linux-Stable-5.4-5.10-Use-After-Free-Race-Condition.html | Third Party Advisory |
|
| https://lists.debian.org/debian-lts-announce/2022/11/msg00001.html | Mailing List |
|
| https://security.netapp.com/advisory/ntap-20230214-0008 | Third Party Advisory |
|
| URL | Date | SRC |
|---|---|---|
| https://packetstorm.news/files/id/168466 | 2022-09-22 | |
| https://packetstorm.news/files/id/189873 | 2025-03-17 | |
| https://bugs.chromium.org/p/project-zero/issues/detail?id=2347 | 2024-08-03 |
| URL | Date | SRC |
|---|---|---|
| https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.13.3 | 2023-07-21 | |
| https://access.redhat.com/security/cve/CVE-2022-41222 | 2023-06-06 | |
| https://bugzilla.redhat.com/show_bug.cgi?id=2138818 | 2023-06-06 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 5.0 < 5.4.211 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.0 < 5.4.211" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 5.5 < 5.10.137 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.5 < 5.10.137" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 5.11 < 5.12.18 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.11 < 5.12.18" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 5.13 < 5.13.3 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.13 < 5.13.3" | - |
Affected
| ||||||
| Debian Search vendor "Debian" | Debian Linux Search vendor "Debian" for product "Debian Linux" | 10.0 Search vendor "Debian" for product "Debian Linux" and version "10.0" | - |
Affected
| ||||||
| Netapp Search vendor "Netapp" | Hci Baseboard Management Controller Search vendor "Netapp" for product "Hci Baseboard Management Controller" | h300s Search vendor "Netapp" for product "Hci Baseboard Management Controller" and version "h300s" | - |
Affected
| ||||||
| Netapp Search vendor "Netapp" | Hci Baseboard Management Controller Search vendor "Netapp" for product "Hci Baseboard Management Controller" | h410c Search vendor "Netapp" for product "Hci Baseboard Management Controller" and version "h410c" | - |
Affected
| ||||||
| Netapp Search vendor "Netapp" | Hci Baseboard Management Controller Search vendor "Netapp" for product "Hci Baseboard Management Controller" | h410s Search vendor "Netapp" for product "Hci Baseboard Management Controller" and version "h410s" | - |
Affected
| ||||||
| Netapp Search vendor "Netapp" | Hci Baseboard Management Controller Search vendor "Netapp" for product "Hci Baseboard Management Controller" | h500s Search vendor "Netapp" for product "Hci Baseboard Management Controller" and version "h500s" | - |
Affected
| ||||||
| Netapp Search vendor "Netapp" | Hci Baseboard Management Controller Search vendor "Netapp" for product "Hci Baseboard Management Controller" | h700s Search vendor "Netapp" for product "Hci Baseboard Management Controller" and version "h700s" | - |
Affected
| ||||||
| Canonical Search vendor "Canonical" | Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux" | 18.04 Search vendor "Canonical" for product "Ubuntu Linux" and version "18.04" | lts |
Affected
| ||||||
| Canonical Search vendor "Canonical" | Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux" | 20.04 Search vendor "Canonical" for product "Ubuntu Linux" and version "20.04" | lts |
Affected
| ||||||
| Canonical Search vendor "Canonical" | Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux" | 22.04 Search vendor "Canonical" for product "Ubuntu Linux" and version "22.04" | lts |
Affected
| ||||||