CVE-2022-49426

Published: Feb 26, 2025

Modified: May 11, 2026

PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: iommu/arm-smmu-v3-sva: Fix mm use-after-free We currently call arm64_mm_context_put() without holding a reference to the mm, which can result in use-after-free. Call mmgrab()/mmdrop() to ensure the mm only gets freed after we unpinned the ASID.

Vendor	Product	Versions
Linux	Linux	affected `32784a9562fb0518b12e9797ee2aec52214adf6f - < fc90f13ea0dcd960e5002d204fa55cec4e0db2fa` affected `32784a9562fb0518b12e9797ee2aec52214adf6f - < e3cbbdbff8a4db5d053c53fd71be62ccccdb52b0` affected `32784a9562fb0518b12e9797ee2aec52214adf6f - < 9aa215450888cf29af0c479e14a712dc6b0c506c` affected `32784a9562fb0518b12e9797ee2aec52214adf6f - < cbd23144f7662b00bcde32a938c4a4057e476d68`
Linux	Linux	affected `5.11` unaffected `0 - < 5.11` unaffected `5.15.46 - <= 5.15.` unaffected `5.17.14 - <= 5.17.` unaffected `5.18.3 - <= 5.18.*` +1 more versions

References

https://git.kernel.org/stable/c/fc90f13ea0dcd960e5002d204fa55cec4e0db2fa

https://git.kernel.org/stable/c/e3cbbdbff8a4db5d053c53fd71be62ccccdb52b0

https://git.kernel.org/stable/c/9aa215450888cf29af0c479e14a712dc6b0c506c

https://git.kernel.org/stable/c/cbd23144f7662b00bcde32a938c4a4057e476d68

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2022-49426

Description

Affected Products

References