Description

In the Linux kernel, the following vulnerability has been resolved: drm/panfrost: Job should reference MMU not file_priv For a while now it's been allowed for a MMU context to outlive it's corresponding panfrost_priv, however the job structure still references panfrost_priv to get hold of the MMU context. If panfrost_priv has been freed this is a use-after-free which I've been able to trigger resulting in a splat. To fix this, drop the reference to panfrost_priv in the job structure and add a direct reference to the MMU structure which is what's actually needed.

INFO

Published Date :

2025-02-26T02:11:07.930Z

Last Modified :

2025-05-04T12:44:30.679Z

Source :

Linux
AFFECTED PRODUCTS

The following products are affected by CVE-2022-49359 vulnerability.

Vendors Products
Linux
  • Linux Kernel
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2022-49359.

URL Resource
https://git.kernel.org/stable/c/472dd7ea5e19a1aeabf1711ddc756777e05ee7c2 cve-icon cve-icon
https://git.kernel.org/stable/c/6e516faf04317db2c46cbec4e3b78b4653a5b109 cve-icon cve-icon
https://git.kernel.org/stable/c/8c8e8cc91a6ffc79865108279a74fd57d9070a17 cve-icon cve-icon
https://lore.kernel.org/linux-cve-announce/2025022644-CVE-2022-49359-f054@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2022-49359 cve-icon
https://www.cve.org/CVERecord?id=CVE-2022-49359 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact