Description
In the Linux kernel, the following vulnerability has been resolved:
xen/gntdev: Accommodate VMA splitting
Prior to this commit, the gntdev driver code did not handle the following scenario correctly with paravirtualized (PV) Xen domains:
- User process sets up a gntdev mapping composed of two grant mappings (i.e., two pages shared by another Xen domain).
- User process munmap()s one of the pages.
- User process munmap()s the remaining page.
- User process exits.
In the scenario above, the user process would cause the kernel to log the following messages in dmesg for the first munmap(), and the second munmap() call would result in similar log messages:
BUG: Bad page map in process doublemap.test pte:... pmd:...
page:0000000057c97bff refcount:1 mapcount:-1
mapping:0000000000000000 index:0x0 pfn:...
...
page dumped because: bad pte
...
file:gntdev fault:0x0 mmap:gntdev_mmap [xen_gntdev] readpage:0x0
...
Call Trace:
<TASK>
dump_stack_lvl+0x46/0x5e
print_bad_pte.cold+0x66/0xb6
unmap_p...
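A triage check for the log signature quoted above, as an added example that is not part of the original advisory or the kernel sources: it groups each "BUG: Bad page map" report in dmesg-style text and keeps those whose VMA was created by gntdev_mmap. The sample log is constructed; its timestamps, pte/pmd/pfn values and the second driver are made up.

```python
import re

# Constructed sample modelled on the report quoted above. The timestamps, the
# pte/pmd/pfn values and the second driver (exampledev) are made up.
SAMPLE = """\
[  101.000001] BUG: Bad page map in process doublemap.test  pte:8000000123456067 pmd:10a0b0067
[  101.000004] page:0000000057c97bff refcount:1 mapcount:-1 mapping:0000000000000000 index:0x0 pfn:0x123456
[  101.000009] page dumped because: bad pte
[  101.000012] file:gntdev fault:0x0 mmap:gntdev_mmap [xen_gntdev] readpage:0x0
[  101.000015] Call Trace:
[  101.000017]  dump_stack_lvl+0x46/0x5e
[  140.500000] usb 1-1: new high-speed USB device number 4 using xhci_hcd
[  150.000001] BUG: Bad page map in process other.test  pte:1 pmd:2
[  150.000004] file:exampledev fault:0x0 mmap:example_mmap [example] readpage:0x0
"""

TS = re.compile(r"^\[\s*\d+\.\d+\]\s?")  # optional dmesg timestamp prefix
HEAD = re.compile(r"BUG: Bad page map in process (.+?)\s+pte:")
MAPCOUNT = re.compile(r"\bmapcount:(-?\d+)")
OWNER = re.compile(r"\bfile:(\S+) fault:\S+ mmap:(\S+)(?: \[([^\]]+)\])?")


def bad_page_map_reports(text):
    """Return one dict per 'Bad page map' report, filled from its follow-up lines."""
    reports, cur = [], None
    for raw in text.splitlines():
        line = TS.sub("", raw).strip()
        if m := HEAD.search(line):
            cur = dict(process=m.group(1), mapcount=None, file=None, mmap=None, module=None)
            reports.append(cur)
        elif cur is not None:
            if cur["mapcount"] is None and (m := MAPCOUNT.search(line)):
                cur["mapcount"] = int(m.group(1))
            if cur["file"] is None and (m := OWNER.search(line)):
                cur.update(file=m.group(1), mmap=m.group(2), module=m.group(3))
    return reports


def gntdev_reports(text):
    """Keep only reports whose VMA was created by the gntdev mmap handler."""
    return [r for r in bad_page_map_reports(text) if r["mmap"] == "gntdev_mmap"]


if __name__ == "__main__":
    for r in gntdev_reports(SAMPLE):
        print(f"gntdev: process={r['process']} mapcount={r['mapcount']} module={r['module']}")
```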