Login Sign Up

CVE-2022-49261

7.8 HIGH
Denial of Service

📋 TL;DR

A missing bounds check in the Linux kernel's i915 graphics driver vm_access() function allows out-of-bounds memory access. This vulnerability could lead to kernel memory corruption or information disclosure. Systems using Intel integrated graphics with affected Linux kernel versions are vulnerable.

💻 Affected Systems

Products:
  • Linux kernel with i915 graphics driver
Versions: Linux kernel versions before the fix commit 661412e301e2ca86799aa4f400d1cf0bd38c57c6
Operating Systems: Linux distributions using affected kernel versions
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects systems with Intel integrated graphics using the i915 driver. Systems without Intel graphics or using different drivers are not affected.

📦 What is this software?

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Kernel panic leading to system crash, potential privilege escalation via memory corruption, or sensitive kernel memory disclosure.

🟠

Likely Case

System instability, crashes, or denial of service when accessing graphics memory regions.

🟢

If Mitigated

No impact if patched; unpatched systems may experience crashes but privilege escalation requires additional exploitation.

🌐 Internet-Facing: LOW - This is a local kernel vulnerability requiring local access to exploit.
🏢 Internal Only: MEDIUM - Local users or processes could exploit this to cause system instability or potentially escalate privileges.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation requires local access and knowledge of memory layout. The vulnerability is in a specific graphics driver function.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Linux kernel with commit 661412e301e2ca86799aa4f400d1cf0bd38c57c6 or later

Vendor Advisory: https://git.kernel.org/stable/c/312d3d4f49e12f97260bcf972c848c3562126a18

Restart Required: Yes

Instructions:

1. Update Linux kernel to version containing the fix commit. 2. For distributions: Use package manager (apt/yum/dnf) to update kernel package. 3. Reboot system to load new kernel.

🔧 Temporary Workarounds

Disable i915 driver module

Linux

Prevent loading of vulnerable i915 graphics driver (will disable Intel integrated graphics)

echo 'blacklist i915' >> /etc/modprobe.d/blacklist-i915.conf
update-initramfs -u
reboot

🧯 If You Can't Patch

  • Restrict local user access to systems with vulnerable kernels
  • Implement strict process isolation and limit graphics memory access permissions

🔍 How to Verify

Check if Vulnerable:

Check kernel version and if i915 module is loaded: uname -r && lsmod | grep i915

Check Version:

uname -r

Verify Fix Applied:

Verify kernel version is after fix commit: git log --oneline | grep -i '661412e301e2ca86799aa4f400d1cf0bd38c57c6'

📡 Detection & Monitoring

Log Indicators:

  • Kernel oops messages mentioning 'vm_access' or 'i915'
  • Page fault errors in dmesg output
  • System crashes with graphics-related stack traces

Network Indicators:

  • None - this is a local vulnerability

SIEM Query:

source="kernel" AND ("vm_access" OR "i915" OR "BUG: unable to handle page fault")

📊 Metadata

CVE ID: CVE-2022-49261
CVSS v3 Score: 7.8 (HIGH)
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE: CWE-125
EPSS Score: 0.02% exploit probability (2.6th percentile)
Published: February 26, 2025
Last Updated: September 22, 2025

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2022-49261, you might also want to check these:

CVE-2021-41556 10.0

CVE-2021-41556 is a critical out-of-bounds read vulnerability in Squirrel scripting language that al...

Same vulnerability type (CWE-125)
CVE-2024-22004 10.0

This vulnerability allows attackers with privileged access on Linux non-secure operating systems to ...

Same vulnerability type (CWE-125)
CVE-2021-21777 10.0

CVE-2021-21777 is a critical out-of-bounds read vulnerability in the Ethernet/IP UDP handler of OpEN...

Same vulnerability type (CWE-125)