CVE-2022-50014: 
Linux Kernel vulnerability analysis and mitigation

In the Linux kernel, CVE-2022-50014 addresses a vulnerability related to the FOLLFORCE COW security issue. This vulnerability is similar to the Dirty COW (CVE-2016-5195) vulnerability, where FOLLFORCE can be potentially dangerous when races can be exploited by user space. The issue affects x8664 and aarch64 architectures that support CONFIGHAVEARCHUSERFAULTFD_MINOR (NVD).

The vulnerability exists in the kernel's memory management subsystem where setting a PTE of a read-only mapped shared page as dirty could erroneously make it writable through FOLLFORCE. This issue became exploitable after commit 9ae0f87d009c, which allowed using UFFDIOCONTINUE to map a shmem page as read-only while marking the PTE dirty (NVD).

The vulnerability could allow unprivileged user space to modify tmpfs/shmem file content even without write permissions to the file, and to bypass memfd write sealing. It effectively acts as a Dirty COW vulnerability restricted to tmpfs/shmem (CVE-2022-2590) (NVD, Wiz).

The vulnerability has been fixed by moving away from mandatory-retry and dirty handling, instead relying on the PageAnonExclusive() flag for making COW-related decisions. For kernels before extended uffd-wp support and before PageAnonExclusive (< 5.19), reverting the problematic commit provides protection against UFFDIOCONTINUE. A backport to v5.19 requires minor adjustments due to lack of vmasoftdirtyenabled() (NVD).