{
  "threat_severity" : "Moderate",
  "public_date" : "2022-07-06T16:30:00Z",
  "bugzilla" : {
    "description" : "kernel: unmap_mapping_range() race with munmap() on VM_PFNMAP mappings leads to stale TLB entry",
    "id" : "2130141",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2130141"
  },
  "cvss3" : {
    "cvss3_base_score" : "4.7",
    "cvss3_scoring_vector" : "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
    "status" : "verified"
  },
  "cwe" : "CWE-416",
  "details" : [ "An issue was discovered in include/asm-generic/tlb.h in the Linux kernel before 5.19. Because of a race condition (unmap_mapping_range versus munmap), a device driver can free a page while it still has stale TLB entries. This only occurs in situations with VM_PFNMAP VMAs.", "A flaw was found in include/asm-generic/tlb.h in the Linux kernel due to a race condition (unmap_mapping_range versus munmap). This issue allows a device driver to free a page while it still has stale TLB entries." ],
  "statement" : "This issue only occurs in situations with VM_PFNMAP virtual memory areas (VMAs).",
  "affected_release" : [ {
    "product_name" : "Red Hat Enterprise Linux 8",
    "release_date" : "2023-05-16T00:00:00Z",
    "advisory" : "RHSA-2023:2736",
    "cpe" : "cpe:/a:redhat:enterprise_linux:8::nfv",
    "package" : "kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "release_date" : "2023-05-16T00:00:00Z",
    "advisory" : "RHSA-2023:2951",
    "cpe" : "cpe:/o:redhat:enterprise_linux:8",
    "package" : "kernel-0:4.18.0-477.10.1.el8_8"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8.6 Extended Update Support",
    "release_date" : "2023-05-31T00:00:00Z",
    "advisory" : "RHSA-2023:3388",
    "cpe" : "cpe:/o:redhat:rhel_eus:8.6",
    "package" : "kernel-0:4.18.0-372.57.1.el8_6"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "release_date" : "2023-05-09T00:00:00Z",
    "advisory" : "RHSA-2023:2458",
    "cpe" : "cpe:/a:redhat:enterprise_linux:9",
    "package" : "kernel-0:5.14.0-284.11.1.el9_2"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "release_date" : "2023-05-09T00:00:00Z",
    "advisory" : "RHSA-2023:2148",
    "cpe" : "cpe:/a:redhat:enterprise_linux:9::nfv",
    "package" : "kernel-rt-0:5.14.0-284.11.1.rt14.296.el9_2"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "release_date" : "2023-05-09T00:00:00Z",
    "advisory" : "RHSA-2023:2458",
    "cpe" : "cpe:/o:redhat:enterprise_linux:9",
    "package" : "kernel-0:5.14.0-284.11.1.el9_2"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9.0 Extended Update Support",
    "release_date" : "2023-08-29T00:00:00Z",
    "advisory" : "RHSA-2023:4801",
    "cpe" : "cpe:/a:redhat:rhel_eus:9.0",
    "package" : "kernel-0:5.14.0-70.70.1.el9_0"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9.0 Extended Update Support",
    "release_date" : "2023-08-29T00:00:00Z",
    "advisory" : "RHSA-2023:4814",
    "cpe" : "cpe:/a:redhat:rhel_eus:9.0::nfv",
    "package" : "kernel-rt-0:5.14.0-70.70.1.rt21.141.el9_0"
  }, {
    "product_name" : "Red Hat Virtualization 4 for Red Hat Enterprise Linux 8",
    "release_date" : "2023-05-31T00:00:00Z",
    "advisory" : "RHSA-2023:3388",
    "cpe" : "cpe:/o:redhat:rhev_hypervisor:4.4::el8",
    "package" : "kernel-0:4.18.0-372.57.1.el8_6"
  } ],
  "package_state" : [ {
    "product_name" : "Red Hat Enterprise Linux 6",
    "fix_state" : "Out of support scope",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:6"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "fix_state" : "Out of support scope",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "fix_state" : "Out of support scope",
    "package_name" : "kernel-rt",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2022-39188\nhttps://nvd.nist.gov/vuln/detail/CVE-2022-39188\nhttps://bugs.chromium.org/p/project-zero/issues/detail?id=2329\nhttps://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=b67fbebd4cf980aecbcc750e1462128bffe8ae15\nhttps://lore.kernel.org/stable/20220831191348.3388208-1-jannh@google.com/T/#u" ],
  "name" : "CVE-2022-39188",
  "mitigation" : {
    "value" : "Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
    "lang" : "en:us"
  },
  "csaw" : false
}