CVE-2022-50225

EPSS 0.03%
Published 18.06.2025 11:03:58
Last modified 18.06.2025 13:47:40
Source 416baaa9-dc9f-4396-8d5f-8c081f
Teams watchlist Login
Open Login

In the Linux kernel, the following vulnerability has been resolved:

riscv:uprobe fix SR_SPIE set/clear handling

In riscv the process of uprobe going to clear spie before exec
the origin insn,and set spie after that.But When access the page
which origin insn has been placed a page fault may happen and
irq was disabled in arch_uprobe_pre_xol function,It cause a WARN
as follows.
There is no need to clear/set spie in arch_uprobe_pre/post/abort_xol.
We can just remove it.

[   31.684157] BUG: sleeping function called from invalid context at kernel/locking/rwsem.c:1488
[   31.684677] in_atomic(): 0, irqs_disabled(): 1, non_block: 0, pid: 76, name: work
[   31.684929] preempt_count: 0, expected: 0
[   31.685969] CPU: 2 PID: 76 Comm: work Tainted: G
[   31.686542] Hardware name: riscv-virtio,qemu (DT)
[   31.686797] Call Trace:
[   31.687053] [<ffffffff80006442>] dump_backtrace+0x30/0x38
[   31.687699] [<ffffffff80812118>] show_stack+0x40/0x4c
[   31.688141] [<ffffffff8081817a>] dump_stack_lvl+0x44/0x5c
[   31.688396] [<ffffffff808181aa>] dump_stack+0x18/0x20
[   31.688653] [<ffffffff8003e454>] __might_resched+0x114/0x122
[   31.688948] [<ffffffff8003e4b2>] __might_sleep+0x50/0x7a
[   31.689435] [<ffffffff80822676>] down_read+0x30/0x130
[   31.689728] [<ffffffff8000b650>] do_page_fault+0x166/x446
[   31.689997] [<ffffffff80003c0c>] ret_from_exception+0x0/0xc

Affected products Warnungen 0 Metrics 1 CWE 0 References 7

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

This information is available to logged-in users.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

VendorLinux

≫

Product Linux

Default Statusunaffected

Version < c71e000db8536d27ec410abb3e314896a78b4f19

Version 74784081aac8a0f3636965fc230e2d3b7cc123c6

Status affected

Version < 3811d51778900064d27d8c9a98f73410fb3b471d

Version 74784081aac8a0f3636965fc230e2d3b7cc123c6

Status affected

Version < 73fc099eaefd9a92c83b6c07dad066411fd5a192

Version 74784081aac8a0f3636965fc230e2d3b7cc123c6

Status affected

Version < 3dbe5829408bc1586f75b4667ef60e5aab0209c7

Version 74784081aac8a0f3636965fc230e2d3b7cc123c6

Status affected

VendorLinux

≫

Product Linux

Default Statusaffected

Version 5.12

Status affected

Version < 5.12

Version 0

Status unaffected

Version <= 5.15.*

Version 5.15.61

Status unaffected

Version <= 5.18.*

Version 5.18.18

Status unaffected

Version <= 5.19.*

Version 5.19.2

Status unaffected

Version <= *

Version 6.0

Status unaffected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.03%	0.056

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string

https://git.kernel.org/stable/c/c71e000db8536d27ec410abb3e314896a78b4f19

https://git.kernel.org/stable/c/3811d51778900064d27d8c9a98f73410fb3b471d

https://git.kernel.org/stable/c/73fc099eaefd9a92c83b6c07dad066411fd5a192

https://git.kernel.org/stable/c/3dbe5829408bc1586f75b4667ef60e5aab0209c7

https://nvd.nist.gov/vuln/detail/CVE-2022-50225

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2022-50225

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2022-50225

EUVD