CVE-2022-49172

{"id": "CVE-2022-49172", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.1, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 5.2, "exploitabilityScore": 1.8}]}, "published": "2025-02-26T07:00:54.313", "references": [{"url": "https://git.kernel.org/stable/c/b3d6adb3a49d82e4e557c5fc16f50c9ff731da5d", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/ddca4b82027e2a66333dd40fab21a4beff435c7e", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/f839e5f1cef36ce268950c387129b1bfefdaebc9", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nparisc: Fix non-access data TLB cache flush faults\n\nWhen a page is not present, we get non-access data TLB faults from\nthe fdc and fic instructions in flush_user_dcache_range_asm and\nflush_user_icache_range_asm. When these occur, the cache line is\nnot invalidated and potentially we get memory corruption. The\nproblem was hidden by the nullification of the flush instructions.\n\nThese faults also affect performance. With pa8800/pa8900 processors,\nthere will be 32 faults per 4 KB page since the cache line is 128\nbytes. There will be more faults with earlier processors.\n\nThe problem is fixed by using flush_cache_pages(). It does the flush\nusing a tmp alias mapping.\n\nThe flush_cache_pages() call in flush_cache_range() flushed too\nlarge a range.\n\nV2: Remove unnecessary preempt_disable() and preempt_enable() calls."}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: parisc: Se corrigen los fallos de vaciado de cach\u00e9 TLB de datos sin acceso Cuando una p\u00e1gina no est\u00e1 presente, obtenemos fallos de TLB de datos sin acceso de las instrucciones fdc y fic en flush_user_dcache_range_asm y flush_user_icache_range_asm. Cuando esto ocurre, la l\u00ednea de cach\u00e9 no se invalida y potencialmente obtenemos corrupci\u00f3n de memoria. El problema estaba oculto por la anulaci\u00f3n de las instrucciones de vaciado. Estos fallos tambi\u00e9n afectan el rendimiento. Con los procesadores pa8800/pa8900, habr\u00e1 32 fallos por p\u00e1gina de 4 KB ya que la l\u00ednea de cach\u00e9 es de 128 bytes. Habr\u00e1 m\u00e1s fallos con procesadores anteriores. El problema se soluciona utilizando flush_cache_pages(). Realiza el vaciado utilizando una asignaci\u00f3n de alias tmp. La llamada flush_cache_pages() en flush_cache_range() vaci\u00f3 un rango demasiado grande. V2: Eliminar las llamadas preempt_disable() y preempt_enable() innecesarias."}], "lastModified": "2025-09-23T13:42:30.587", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "18F5AF68-F1E7-4C3F-8521-ECDD471EAC43", "versionEndExcluding": "5.16.19"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "210C679C-CF84-44A3-8939-E629C87E54BF", "versionEndExcluding": "5.17.2", "versionStartIncluding": "5.17"}], "operator": "OR"}]}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}