CVE-2022-39188

NameCVE-2022-39188
DescriptionAn issue was discovered in include/asm-generic/tlb.h in the Linux kernel before 5.19. Because of a race condition (unmap_mapping_range versus munmap), a device driver can free a page while it still has stale TLB entries. This only occurs in situations with VM_PFNMAP VMAs.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, Mageia, GitHub advisories/code/issues, web search, more)
ReferencesDLA-3131-1, DLA-3173-1, DSA-5257-1

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
linux (PTS)buster4.19.249-2vulnerable
buster (security)4.19.269-1fixed
bullseye5.10.158-2fixed
bullseye (security)5.10.162-1fixed
bookworm6.1.7-1fixed
sid6.1.8-1fixed
linux-5.10 (PTS)buster (security)5.10.158-2~deb10u1fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
linuxsourcebuster4.19.260-1DLA-3131-1
linuxsourcebullseye5.10.149-1DSA-5257-1
linuxsource(unstable)5.19.6-1
linux-5.10sourcebuster5.10.149-2~deb10u1DLA-3173-1

Notes

https://bugs.chromium.org/p/project-zero/issues/detail?id=2329
https://lore.kernel.org/stable/CAG48ez3SEqOPcPCYGHVZv4iqEApujD5VtM3Re-tCKLDEFdEdbg@mail.gmail.com/
https://git.kernel.org/linus/b67fbebd4cf980aecbcc750e1462128bffe8ae15

Search for package or bug name: Reporting problems