CVE-2022-39188: Race Condition in Kernel

Severity
4.7 MEDIUM (NVD)
OSV: 7.8, 5.9, 5.5, 4.4
EPSS: 0.0% (top 95.60%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline
Published: Sep 2
Latest update: Feb 13

Description

An issue was discovered in include/asm-generic/tlb.h in the Linux kernel before 5.19. Because of a race condition (unmap_mapping_range versus munmap), a device driver can free a page while it still has stale TLB entries. This only occurs in situations with VM_PFNMAP VMAs.

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
Exploitability: 1.0 | Impact: 3.6

Affected Packages (7 packages)

NVD: linux/linux_kernel < 5.19
Debian: linux/linux_kernel < 5.10.149-1 (+3)
Ubuntu: linux/linux_kernel < 4.15.0-201.212 (+3)
debian: debian/linux < linux 5.19.6-1 (bookworm)

Also affects: Debian Linux 10.0, 11.0

Patches

Vulnerability Details (12)

OSV: linux, linux-kvm, linux-lts-xenial vulnerabilities (2023-04-12)
OSV: linux-aws vulnerabilities (2023-04-06)
OSV: linux-gke-5.15 vulnerabilities (2023-02-15)
OSV: linux-bluefield vulnerabilities (2023-01-19)
OSV: linux-azure-5.4, linux-azure-fde vulnerabilities (2023-01-10)

Vendor Advisories (18)

CISA ICS: Siemens SCALANCE W700 (2025-02-13)
Palo Alto: PAN-SA-2024-0001 Informational Bulletin: Impact of OSS CVEs in PAN-OS (2024-02-14)
CISA ICS: Siemens SIMATIC S7-1500 TM MFP BIOS (2023-06-15)
CISA ICS: Siemens SIMATIC S7-1500 TM MFP Linux Kernel (2023-06-15)
Ubuntu: Linux kernel (AWS) vulnerabilities (2023-04-12)