CVE-2022-49562

KVM: x86: Use __try_cmpxchg_user() to update guest PTE A/D bits

Description

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Use __try_cmpxchg_user() to update guest PTE A/D bits Use the recently introduced __try_cmpxchg_user() to update guest PTE A/D bits instead of mapping the PTE into kernel address space. The VM_PFNMAP path is broken as it assumes that vm_pgoff is the base pfn of the mapped VMA range, which is conceptually wrong as vm_pgoff is the offset relative to the file and has nothing to do with the pfn. The horrific hack worked for the original use case (backing guest memory with /dev/mem), but leads to accessing "random" pfns for pretty much any other VM_PFNMAP case.

N/A
CVSS
Severity:
EPSS 0.03%
Affected: Linux Linux
Affected: Linux Linux
Published at:
Updated at:

References

Link Tags
https://git.kernel.org/stable/c/38b888911e8dc89b89d8147cfb1d2dbe6373bf78
https://git.kernel.org/stable/c/8089e5e1d18402fb8152d6b6815450a36fffa9b0
https://git.kernel.org/stable/c/f122dfe4476890d60b8c679128cd2259ec96a24c

Frequently Asked Questions

What is the severity of CVE-2022-49562?
CVE-2022-49562 has not yet been assigned a CVSS score.
How to fix CVE-2022-49562?
To fix CVE-2022-49562, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2022-49562 being actively exploited in the wild?
As for now, there are no information to confirm that CVE-2022-49562 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2022-49562?
CVE-2022-49562 affects Linux Linux, Linux Linux.
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.