A race condition was found in the way the Linux kernel's memory subsystem handled the copy-on-write (COW) breakage of read-only private mappings on write access. This is a new privilege escalation issue, similar to Dirty COW (CVE-2016-5195), but it is limited to shmem only. The user can corrupt only shared memory (shmem / tmpfs), so this issue could be considered less severe than CVE-2016-5195. An unprivileged local user could use this flaw to gain write access to otherwise read-only memory mappings and thus increase their privileges on the system. Fixes: 9ae0f87d009c ("mm/shmem: unconditionally set pte dirty in mfill_atomic_install_pte"), which has been part of upstream Linux since v5.16.
Created kernel tracking bugs for this issue: Affects: fedora-all [bug 2116469]
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2022-2590
This is fixed for Fedora in the 5.19.6 stable kernel updates.