-

CVE-2022-50206

EPSS 0.04%
Published 18.06.2025 11:03:46
Last modified 18.06.2025 13:47:40
Source 416baaa9-dc9f-4396-8d5f-8c081f
Teams watchlist Login
Open Login

In the Linux kernel, the following vulnerability has been resolved:

arm64: fix oops in concurrently setting insn_emulation sysctls

emulation_proc_handler() changes table->data for proc_dointvec_minmax
and can generate the following Oops if called concurrently with itself:

 | Unable to handle kernel NULL pointer dereference at virtual address 0000000000000010
 | Internal error: Oops: 96000006 [#1] SMP
 | Call trace:
 | update_insn_emulation_mode+0xc0/0x148
 | emulation_proc_handler+0x64/0xb8
 | proc_sys_call_handler+0x9c/0xf8
 | proc_sys_write+0x18/0x20
 | __vfs_write+0x20/0x48
 | vfs_write+0xe4/0x1d0
 | ksys_write+0x70/0xf8
 | __arm64_sys_write+0x20/0x28
 | el0_svc_common.constprop.0+0x7c/0x1c0
 | el0_svc_handler+0x2c/0xa0
 | el0_svc+0x8/0x200

To fix this issue, keep the table->data as &insn->current_mode and
use container_of() to retrieve the insn pointer. Another mutex is
used to protect against the current_mode update but not for retrieving
insn_emulation as table->data is no longer changing.

Affected products Warnungen 0 Metrics 1 CWE 0 References 11

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

This information is available to logged-in users.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

VendorLinux

≫

Product Linux

Default Statusunaffected

Version < 9d5fec6ba2e4117d196a8259ab54615ffe562460

Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Status affected

Version < b51881b1da57fe9877125dfdd0aac5172958fcfd

Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Status affected

Version < 04549063d5701976034d8c2bfda3d3a8cbf0409f

Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Status affected

Version < 353b4673d01c512303c45cf2346f630cda73b5c9

Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Status affected

Version < cc69ef95988b9ef2fc730ec452a7441efb90ef5e

Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Status affected

Version < 6a2fd114678d7fc1b5a0f8865ae98f1c17787455

Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Status affected

Version < 07022e07017ee5540f5559b0aeb916e8383c1e1a

Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Status affected

Version < af483947d472eccb79e42059276c4deed76f99a6

Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Status affected

VendorLinux

≫

Product Linux

Default Statusaffected

Version <= 4.14.*

Version 4.14.291

Status unaffected

Version <= 4.19.*

Version 4.19.256

Status unaffected

Version <= 5.4.*

Version 5.4.211

Status unaffected

Version <= 5.10.*

Version 5.10.137

Status unaffected

Version <= 5.15.*

Version 5.15.61

Status unaffected

Version <= 5.18.*

Version 5.18.18

Status unaffected

Version <= 5.19.*

Version 5.19.2

Status unaffected

Version <= *

Version 6.0

Status unaffected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.04%	0.094

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string

https://git.kernel.org/stable/c/9d5fec6ba2e4117d196a8259ab54615ffe562460

https://git.kernel.org/stable/c/b51881b1da57fe9877125dfdd0aac5172958fcfd

https://git.kernel.org/stable/c/04549063d5701976034d8c2bfda3d3a8cbf0409f

https://git.kernel.org/stable/c/353b4673d01c512303c45cf2346f630cda73b5c9

https://git.kernel.org/stable/c/cc69ef95988b9ef2fc730ec452a7441efb90ef5e

https://git.kernel.org/stable/c/6a2fd114678d7fc1b5a0f8865ae98f1c17787455

https://git.kernel.org/stable/c/07022e07017ee5540f5559b0aeb916e8383c1e1a

https://git.kernel.org/stable/c/af483947d472eccb79e42059276c4deed76f99a6

https://nvd.nist.gov/vuln/detail/CVE-2022-50206

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2022-50206

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2022-50206

EUVD