DEBIAN-CVE-2022-48897

Source
https://security-tracker.debian.org/tracker/CVE-2022-48897
Import Source
https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2022-48897.json
JSON Data
https://api.osv.dev/v1/vulns/DEBIAN-CVE-2022-48897
Upstream
Published
2024-08-21T07:15:05.693Z
Modified
2025-11-19T02:01:14.930493Z
Severity
  • 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Summary
[none]
Details

In the Linux kernel, the following vulnerability has been resolved:

arm64/mm: fix incorrect file_map_count for invalid pmd

The page table check trigger BUG_ON() unexpectedly when split hugepage:

    ------------[ cut here ]------------
    kernel BUG at mm/page_table_check.c:119!
    Internal error: Oops - BUG: 00000000f2000800 [#1] SMP
    Dumping ftrace buffer:
       (ftrace buffer empty)
    Modules linked in:
    CPU: 7 PID: 210 Comm: transhuge-stres Not tainted 6.1.0-rc3+ #748
    Hardware name: linux,dummy-virt (DT)
    pstate: 20000005 (nzCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)
    pc : page_table_check_set.isra.0+0x398/0x468
    lr : page_table_check_set.isra.0+0x1c0/0x468
    [...]
    Call trace:
     page_table_check_set.isra.0+0x398/0x468
     __page_table_check_pte_set+0x160/0x1c0
     __split_huge_pmd_locked+0x900/0x1648
     __split_huge_pmd+0x28c/0x3b8
     unmap_page_range+0x428/0x858
     unmap_single_vma+0xf4/0x1c8
     zap_page_range+0x2b0/0x410
     madvise_vma_behavior+0xc44/0xe78
     do_madvise+0x280/0x698
     __arm64_sys_madvise+0x90/0xe8
     invoke_syscall.constprop.0+0xdc/0x1d8
     do_el0_svc+0xf4/0x3f8
     el0_svc+0x58/0x120
     el0t_64_sync_handler+0xb8/0xc0
     el0t_64_sync+0x19c/0x1a0
    [...]

On arm64, pmd_leaf() will return true even if the pmd is invalid due to pmd_present_invalid() check. So in pmdp_invalidate() the file_map_count will not only decrease once but also increase once. Then in set_pte_at(), the file_map_count increase again, and so trigger BUG_ON() unexpectedly.

Add !pmd_present_invalid() check in pmd_user_accessible_page() to fix the problem.

References

Affected packages

Debian:12 / linux

Package

Name
linux
Purl
pkg:deb/debian/linux?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
6.1.7-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Database specific

source
"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2022-48897.json"

Debian:13 / linux

Package

Name
linux
Purl
pkg:deb/debian/linux?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
6.1.7-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Database specific

source
"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2022-48897.json"

Debian:14 / linux

Package

Name
linux
Purl
pkg:deb/debian/linux?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
6.1.7-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Database specific

source
"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2022-48897.json"