CVE-2022-49635
Published: 26 February 2025
Summary
CVE-2022-49635 is a high-severity Out-of-bounds Write (CWE-787) vulnerability in Linux Linux Kernel. Its CVSS base score is 7.8 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068); ranked at the 31.1th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SI-2 (Flaw Remediation) and RA-5 (Vulnerability Monitoring and Scanning).
Deeper analysis
CVE-2022-49635 is a subtraction overflow vulnerability in the Linux kernel's drm/i915/selftests component. The issue arises when hole_end is small enough to trigger subtraction overflow on certain machines, or when addr + 2 * min_alignment overflows during mock tests. Rated at CVSS 3.1 score of 7.8 (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) and mapped to CWE-787 (Out-of-bounds Write), it was resolved via a patch cherry-picked from commit ab3edc679c552a466e4bf0b11af3666008bd65a2.
A local attacker with low privileges can exploit this vulnerability without user interaction. Successful exploitation could result in high impacts to confidentiality, integrity, and availability, potentially allowing out-of-bounds writes that lead to kernel crashes or code execution within the local attacker's scope.
Mitigation involves applying the stable kernel patches referenced in the kernel git repository, such as commit 333991c4e66b3d4b5613315f18016da80344f659 and e8997d2d6b8d764e12489f1af2a1ce1d7384ca2a, which explicitly handle both overflow cases in the selftests calculations.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2022-54597
Vulnerability details
In the Linux kernel, the following vulnerability has been resolved: drm/i915/selftests: fix subtraction overflow bug On some machines hole_end can be small enough to cause subtraction overflow. On the other side (addr + 2 * min_alignment) can overflow in case…
more
of mock tests. This patch should handle both cases. (cherry picked from commit ab3edc679c552a466e4bf0b11af3666008bd65a2)
- CWE(s)
Related Threats
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Local kernel out-of-bounds write vulnerability directly enables exploitation for privilege escalation to achieve code execution or system impact from low-privileged user context.
CVEs Like This One
Affected Assets
Mitigating Controls
Mitigating Controls (NIST 800-53 r5) AI
Directly mandates timely remediation of known flaws like the subtraction overflow in Linux kernel drm/i915 selftests via patching to prevent exploitation.
Implements memory protection mechanisms that mitigate out-of-bounds writes resulting from the overflow vulnerability in kernel selftests.
Conducts vulnerability scanning to identify the presence of CVE-2022-49635 in deployed Linux kernel versions for subsequent remediation.