CVE-2022-49077
- Source
- https://cve.org/CVERecord?id=CVE-2022-49077
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-49077.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2022-49077
- Downstream
- Published
- 2025-02-26T01:54:39.739Z
- Modified
- 2026-04-02T08:27:16.228751Z
- Summary
- mmmremap.c: avoid pointless invalidate_range_start/end on mremap(old_size=0)
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
mmmremap.c: avoid pointless invalidaterangestart/end on mremap(old_size=0)
If an mremap() syscall with oldsize=0 ends up in movepagetables(), it will call invalidaterangestart()/invalidaterange_end() unnecessarily, i.e. with an empty range.
This causes a WARN in KVM's mmunotifier. In the past, empty ranges have been diagnosed to be off-by-one bugs, hence the WARNing. Given the low (so far) number of unique reports, the benefits of detecting more buggy callers seem to outweigh the cost of having to fix cases such as this one, where userspace is doing something silly. In this particular case, an early return from movepage_tables() is enough to fix the issue.
- Database specific
{ "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/49xxx/CVE-2022-49077.json", "cna_assigner": "Linux" }- References
-
- https://git.kernel.org/stable/c/01e67e04c28170c47700c2c226d732bbfedb1ad0
- https://git.kernel.org/stable/c/04bc13dae4a27b8d030843c85ae452bb2f1d9c1f
- https://git.kernel.org/stable/c/2358aa84ef6dafcf544a557caaa6b91afb4a0bd2
- https://git.kernel.org/stable/c/7d659cb1763ff17d1c6ee082fa6feb4267c7a30b
- https://git.kernel.org/stable/c/a04cb99c5d4668fe3f5c0e5b6da1cecd34c3f219
- https://git.kernel.org/stable/c/a05540f3903bd8295e8c4cd90dd3d416239a115b
- https://git.kernel.org/stable/c/c19d8de4e682ec4b0ea2b04a832cd8cc0be3bb31
- https://git.kernel.org/stable/c/e2c328c2a8f9de8b761bd4025b66c63120c55761
- https://git.kernel.org/stable/c/eeaf28e2a0128147d687237e59d5407ee1b14693
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/49xxx/CVE-2022-49077.json
- https://nvd.nist.gov/vuln/detail/CVE-2022-49077
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced7b6efc2bc4f19952b25ebf9b236e5ac43cd386c2Fixeda05540f3903bd8295e8c4cd90dd3d416239a115bFixedeeaf28e2a0128147d687237e59d5407ee1b14693Fixede2c328c2a8f9de8b761bd4025b66c63120c55761Fixedc19d8de4e682ec4b0ea2b04a832cd8cc0be3bb31Fixed7d659cb1763ff17d1c6ee082fa6feb4267c7a30bFixeda04cb99c5d4668fe3f5c0e5b6da1cecd34c3f219Fixed2358aa84ef6dafcf544a557caaa6b91afb4a0bd2Fixed04bc13dae4a27b8d030843c85ae452bb2f1d9c1fFixed01e67e04c28170c47700c2c226d732bbfedb1ad0