{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-13T10:40:23.641","vulnerabilities":[{"cve":{"id":"CVE-2022-49935","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2025-06-18T11:15:20.340","lastModified":"2025-11-14T20:24:22.170","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\ndma-buf/dma-resv: check if the new fence is really later\n\nPreviously when we added a fence to a dma_resv object we always\nassumed the the newer than all the existing fences.\n\nWith Jason's work to add an UAPI to explicit export/import that's not\nnecessary the case any more. So without this check we would allow\nuserspace to force the kernel into an use after free error.\n\nSince the change is very small and defensive it's probably a good\nidea to backport this to stable kernels as well just in case others\nare using the dma_resv object in the same way."},{"lang":"es","value":"En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: dma-buf/dma-resv: comprobar si la nueva valla es realmente posterior. Anteriormente, al añadir una valla a un objeto dma_resv, siempre suponíamos que era más reciente que todas las vallas existentes. Gracias al trabajo de Jason para añadir una UAPI a la exportación/importación explícita, esto ya no es necesario. Por lo tanto, sin esta comprobación, permitiríamos que el espacio de usuario forzara al kernel a un error de Use-After-Free. Dado que el cambio es muy pequeño y defensivo, probablemente sea buena idea retroportarlo también a los kernels estables, por si acaso otros utilizan el objeto dma_resv de la misma manera."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-416"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.0","versionEndExcluding":"5.19.8","matchCriteriaId":"40609647-0783-4105-9869-6AF27151B4D3"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.0:rc1:*:*:*:*:*:*","matchCriteriaId":"E8BD11A3-8643-49B6-BADE-5029A0117325"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.0:rc2:*:*:*:*:*:*","matchCriteriaId":"5F0AD220-F6A9-4012-8636-155F1B841FAD"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.0:rc3:*:*:*:*:*:*","matchCriteriaId":"A46498B3-78E1-4623-AAE1-94D29A42BE4E"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/a3f7c10a269d5b77dd5822ade822643ced3057f0","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/c4c798fe98adceb642050819cb57cbc8f5c27870","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}}]}