What is the severity of CVE-2022-49804?

CVE-2022-49804 has been classified as a moderate severity vulnerability affecting the Linux kernel.

How do I fix CVE-2022-49804?

To fix CVE-2022-49804, update to the latest version of the affected Linux kernel or apply the recommended patch.

Which versions of the Linux kernel are affected by CVE-2022-49804?

CVE-2022-49804 affects specific versions of the Linux kernel prior to the inclusion of the patch that resolves the issue.

What type of vulnerability is CVE-2022-49804?

CVE-2022-49804 is a vulnerability related to improper use of global registers in the s390 architecture of the Linux kernel.

Is CVE-2022-49804 exploitable?

Yes, if unpatched, CVE-2022-49804 could potentially be exploited to affect system stability or security.

Vulnerability/
CVE-2022-49804

1/5/2025

CVE-2022-49804: s390: avoid using global register for current_stack_pointer

First published: Thu May 01 2025(Updated: )

In the Linux kernel, the following vulnerability has been resolved: s390: avoid using global register for current_stack_pointer Commit 30de14b1884b ("s390: current_stack_pointer shouldn't be a function") made current_stack_pointer a global register variable like on many other architectures. Unfortunately on s390 it uncovers old gcc bug which is fixed only since gcc-9.1 [gcc commit 3ad7fed1cc87 ("S/390: Fix PR89775. Stackpointer save/restore instructions removed")] and backported to gcc-8.4 and later. Due to this bug gcc versions prior to 8.4 generate broken code which leads to stack corruptions. Current minimal gcc version required to build the kernel is declared as 5.1. It is not possible to fix all old gcc versions, so work around this problem by avoiding using global register variable for current_stack_pointer.

Credit: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Affected Software	Affected Version	How to fix
GNU Compiler Collection (GCC)	<8.4

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2022-49804?
CVE-2022-49804 has been classified as a moderate severity vulnerability affecting the Linux kernel.
How do I fix CVE-2022-49804?
To fix CVE-2022-49804, update to the latest version of the affected Linux kernel or apply the recommended patch.
Which versions of the Linux kernel are affected by CVE-2022-49804?
CVE-2022-49804 affects specific versions of the Linux kernel prior to the inclusion of the patch that resolves the issue.
What type of vulnerability is CVE-2022-49804?
CVE-2022-49804 is a vulnerability related to improper use of global registers in the s390 architecture of the Linux kernel.
Is CVE-2022-49804 exploitable?
Yes, if unpatched, CVE-2022-49804 could potentially be exploited to affect system stability or security.

collector/mitre-cve
source/MITRE
agent/title
agent/references
agent/type
agent/first-publish-date
agent/description
agent/guess-ai
agent/software-canonical-lookup
agent/softwarecombine
collector/nvd-api
source/NVD
agent/last-modified-date
agent/author
agent/source
agent/tags
agent/event
vendor/gnu
canonical/gnu compiler collection (gcc)

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.