CVE-2022-50675Type Confusion in Linux

CWE-843Type Confusion6 documents5 sources
Severity
5.5MEDIUM
No vector
EPSS
0.0%
top 90.90%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
LinuxLinux KernelDebian Linux
Timeline
PublishedDec 9

Description

In the Linux kernel, the following vulnerability has been resolved: arm64: mte: Avoid setting PG_mte_tagged if no tags cleared or restored Prior to commit 69e3b846d8a7 ("arm64: mte: Sync tags for pages where PTE is untagged"), mte_sync_tags() was only called for pte_tagged() entries (those mapped with PROT_MTE). Therefore mte_sync_tags() could safely use test_and_set_bit(PG_mte_tagged, &page->flags) without inadvertently setting PG_mte_tagged on an untagged page. The above commit was required

Affected Packages4 packages

Linuxlinux/linux_kernel5.14.05.15.82+1
Debianlinux/linux_kernel< 6.0.3-1+2
CVEListV5linux/linux69e3b846d8a753f9f279f29531ca56b0f7563ad0918002bdbe4328c8c0164a22e8ebf2384b80dc23+3
debiandebian/linux< linux 6.0.3-1 (bookworm)

🔴Vulnerability Details

3
GHSA
GHSA-cvq8-ghfq-j2cg: In the Linux kernel, the following vulnerability has been resolved: arm64: mte: Avoid setting PG_mte_tagged if no tags cleared or restored Prior to2025-12-09
OSV
CVE-2022-50675: In the Linux kernel, the following vulnerability has been resolved: arm64: mte: Avoid setting PG_mte_tagged if no tags cleared or restored Prior to co2025-12-09
OSV
arm64: mte: Avoid setting PG_mte_tagged if no tags cleared or restored2025-12-09

📋Vendor Advisories

2
Red Hat
kernel: arm64: mte: Avoid setting PG_mte_tagged if no tags cleared or restored2025-12-09
Debian
CVE-2022-50675: linux - In the Linux kernel, the following vulnerability has been resolved: arm64: mte:...2022