CVE-2022-49152: 
Linux Kernel vulnerability analysis and mitigation

CVE-2022-49152 is a vulnerability in the Linux kernel's XArray subsystem, specifically in the xas_create_range() function. The vulnerability was discovered when multi-order entries are present, affecting Linux kernel versions from 5.5 to 5.17.2. The issue was disclosed on February 26, 2025, and received a CVSS v3.1 base score of 4.7 (MEDIUM) (NVD).

The vulnerability occurs when xas_create_range() is called with an entry present that has an order >= XA_CHUNK_SHIFT. In such cases, the function incorrectly misinterprets that entry as a node and attempts to dereference xa_node->parent, leading to a NULL pointer dereference. This typically results in a kernel crash with a general protection fault. The issue has been present since the introduction of xas_create_range() but became exploitable after the page cache was converted to use multi-index entries (Kernel Patch).

When exploited, this vulnerability leads to a kernel crash due to a NULL pointer dereference, resulting in a denial of service condition. The vulnerability requires local access and high complexity to exploit, as indicated by its CVSS metrics (AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H) (NVD).

The vulnerability has been patched in the Linux kernel. The fix involves adding additional checks in the xas_create_range() function to properly handle cases where multi-order entries are present. Users should upgrade to patched versions: Linux kernel 5.15.33, 5.17.2, 5.16.19, 5.10.110, or 5.4.189 and later (NVD).