vulnerability

Debian: CVE-2022-49359: linux -- security update

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
10	(AV:N/AC:L/Au:N/C:C/I:C/A:C)	02/27/2025	02/27/2025	03/10/2025

Severity

CVSS

(AV:N/AC:L/Au:N/C:C/I:C/A:C)

Published

02/27/2025

Added

02/27/2025

Modified

03/10/2025

Description

In the Linux kernel, the following vulnerability has been resolved:

drm/panfrost: Job should reference MMU not file_priv

For a while now it's been allowed for a MMU context to outlive it's
corresponding panfrost_priv, however the job structure still references
panfrost_priv to get hold of the MMU context. If panfrost_priv has been
freed this is a use-after-free which I've been able to trigger resulting
in a splat.

To fix this, drop the reference to panfrost_priv in the job structure
and add a direct reference to the MMU structure which is what's actually
needed.

Solution

debian-upgrade-linux

References

CVE-2022-49359
https://attackerkb.com/topics/CVE-2022-49359

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today