CVE-2022-49989

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2022-49989
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-49989.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2022-49989
Downstream
Related
Published
2025-06-18T11:00:50.126Z
Modified
2026-03-20T12:22:31.651798Z
Summary
xen/privcmd: fix error exit of privcmd_ioctl_dm_op()
Details

In the Linux kernel, the following vulnerability has been resolved:

xen/privcmd: fix error exit of privcmdioctldm_op()

The error exit of privcmdioctldmop() is calling unlockpages() potentially with pages being NULL, leading to a NULL dereference.

Additionally lockpages() doesn't check for pinuserpagesfast() having been completely successful, resulting in potentially not locking all pages into memory. This could result in sporadic failures when using the related memory in user mode.

Fix all of that by calling unlockpages() always with the real number of pinned pages, which will be zero in case pages being NULL, and by checking the number of pages pinned by pinuserpagesfast() matching the expected number of pages.

Database specific 
{
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/49xxx/CVE-2022-49989.json"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
ab520be8cd5d56867fc95cfbc34b90880faf1f9d
Fixed
6de50db104af0dc921f593fd95c55db86a52ceef
Fixed
c2b7bae7c90051fd6a679d5dee00400d67ebbf4a
Fixed
45d47bd9b96e7874b98dbcc7602fe2826c5d62a6
Fixed
c5deb27895e017a0267de0a20d140ad5fcc55a54

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-49989.json"