Memory Management Vulnerability in Linux Kernel Affecting QEMU
CVE-2022-49760
What is CVE-2022-49760?
A critical issue has been identified in the Linux kernel's handling of PTE markers in the hugetlb_change_protection function. The vulnerability arises when QEMU is run with virtio-mem and background snapshots, which can lead to incorrect handling of memory protection, particularly while userfaultfd write-protection (uffd-wp) is in use. Because the PTE markers are managed improperly, the kernel can end up processing an invalid memory reference, ultimately causing a kernel panic or crash. Specific scenarios trigger the flaw, such as remapping memory backed by huge pages while uffd-wp is active, potentially allowing malicious users to manipulate memory access in unintended ways.
Affected Version(s)
Linux: from commit 60dfaad65aa97fb6755b9798a6b3c9e79bcd5930 up to, but not including, commit 6062c992e912df1eedad52cf64efb3d48e8d35c5
Linux: from commit 60dfaad65aa97fb6755b9798a6b3c9e79bcd5930 up to, but not including, commit 0e678153f5be7e6c8d28835f5a678618da4b7a9c
Linux 5.19