CVE-2022-49645

In the Linux kernel, the following vulnerability has been resolved:

drm/panfrost: Fix shrinker list corruption by madvise IOCTL

Calling madvise IOCTL twice on BO causes memory shrinker list corruption
and crashes kernel because BO is already on the list and it's added to
the list again, while BO should be removed from the list before it's
re-added. Fix it.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.8 HIGH
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
LinuxCNA
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 9%
VendorProductVersion
linuxlinux_kernel
5.4 ≤
𝑥
< 5.4.207
linuxlinux_kernel
5.5 ≤
𝑥
< 5.10.132
linuxlinux_kernel
5.11 ≤
𝑥
< 5.15.56
linuxlinux_kernel
5.16 ≤
𝑥
< 5.18.13
linuxlinux_kernel
5.19:rc1
linuxlinux_kernel
5.19:rc2
linuxlinux_kernel
5.19:rc3
linuxlinux_kernel
5.19:rc4
linuxlinux_kernel
5.19:rc5
linuxlinux_kernel
5.19:rc6
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
linux
bullseye
5.10.223-1
fixed
bullseye (security)
5.10.234-1
fixed
bookworm
6.1.123-1
fixed
bookworm (security)
6.1.128-1
fixed
trixie
6.12.12-1
fixed
sid
6.12.16-1
fixed
Common Weakness Enumeration
References
https://git.kernel.org/stable/c/0581613df7f9a4c5fac096ce1d5fb15b7b994240
https://git.kernel.org/stable/c/1807d8867402a58b831a7fc16832747ff559a0d1
https://git.kernel.org/stable/c/393594aad55179eb761af41533d8d1d6eb4543b0
https://git.kernel.org/stable/c/9fc33eaaa979d112d10fea729edcd2a2e21aa912
https://git.kernel.org/stable/c/f036392edd9c49090781d8cca26ad6557a63bae4