An issue was discovered in include/asm-generic/tlb.h in the Linux kernel before 5.19. Because of a race condition (unmap_mapping_range versus munmap), a device driver can free a page while it still has stale TLB entries. This only occurs in situations with VM_PFNMAP VMAs. CREATE(Triage):(User=admin) CVE-2022-39188 (https://nvd.nist.gov/vuln/detail/CVE-2022-39188)