vulnerability

Huawei EulerOS: CVE-2022-49562: kernel security update

Try Surface Command

Back to search

Severity

CVSS

(AV:L/AC:L/Au:S/C:N/I:N/A:C)

Published

Feb 26, 2025

Added

Jul 1, 2025

Modified

Apr 1, 2026

Description

In the Linux kernel, the following vulnerability has been resolved:

KVM: x86: Use __try_cmpxchg_user() to update guest PTE A/D bits

Use the recently introduced __try_cmpxchg_user() to update guest PTE A/D
bits instead of mapping the PTE into kernel address space. The VM_PFNMAP
path is broken as it assumes that vm_pgoff is the base pfn of the mapped
VMA range, which is conceptually wrong as vm_pgoff is the offset relative
to the file and has nothing to do with the pfn. The horrific hack worked
for the original use case (backing guest memory with /dev/mem), but leads
to accessing "random" pfns for pretty much any other VM_PFNMAP case.

Solutions

huawei-euleros-2_0_sp13-upgrade-bpftoolhuawei-euleros-2_0_sp13-upgrade-kernelhuawei-euleros-2_0_sp13-upgrade-kernel-abi-stablelistshuawei-euleros-2_0_sp13-upgrade-kernel-toolshuawei-euleros-2_0_sp13-upgrade-kernel-tools-libshuawei-euleros-2_0_sp13-upgrade-python3-perf

References

Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report