CVE-2022-49828
Published: May 1, 2025
Modified: May 11, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: hugetlbfs: don't delete error page from pagecache This change is very similar to the change that was made for shmem [1], and it solves the same problem but for HugeTLBFS instead. Currently, when poison is found in a HugeTLB page, the page is removed from the page cache. That means that attempting to map or read that hugepage in the future will result in a new hugepage being allocated instead of notifying the user that the page was poisoned. As [1] states, this is effectively memory corruption. The fix is to leave the page in the page cache. If the user attempts to use a poisoned HugeTLB page with a syscall, the syscall will fail with EIO, the same error code that shmem uses. For attempts to map the page, the thread will get a BUS_MCEERR_AR SIGBUS. [1]: commit a76054266661 ("mm: shmem: don't truncate page if memory failure happens")
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected 78bb920344b8a6f04b79a7c254041723b931c94f - < 30571f28bb35c826219971c63bcf60d2517112edaffected 78bb920344b8a6f04b79a7c254041723b931c94f - < ec667443b2dbc6cdbbac4073e51a17733158ec6aaffected 78bb920344b8a6f04b79a7c254041723b931c94f - < 8625147cafaa9ba74713d682f5185eb62cb2aedb |
Linux | Linux | affected 4.13unaffected 0 - < 4.13unaffected 5.15.80 - <= 5.15.*unaffected 6.0.10 - <= 6.0.*unaffected 6.1 - <= * |
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now