CVE-2022-49076

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Feb 26, 2025
Updated: Feb 27, 2025
CWE ID 416

Summary

CVE-2022-49076 is a vulnerability in the Linux kernel that has been addressed. It is a use-after-free bug in the RDMA/hfi1 component involving the mm struct. Under specific conditions, such as MPI_Abort, the hfi1 cleanup code may release the last reference on the task mm, allowing a new task to allocate the mm structure while it is still in use. Consequences include corruption of the mmap_sem counter, leading to a hang, and manipulation of an mm struct that is currently being used by another task.
