CVE-2022-50227

EPSS 0.03%
Published 18.06.2025 11:03:59
Last modified 18.06.2025 13:47:40
Source 416baaa9-dc9f-4396-8d5f-8c081f
Teams watchlist Login
Open Login

In the Linux kernel, the following vulnerability has been resolved:

KVM: x86/xen: Initialize Xen timer only once

Add a check for existing xen timers before initializing a new one.

Currently kvm_xen_init_timer() is called on every
KVM_XEN_VCPU_ATTR_TYPE_TIMER, which is causing the following ODEBUG
crash when vcpu->arch.xen.timer is already set.

ODEBUG: init active (active state 0)
object type: hrtimer hint: xen_timer_callbac0
RIP: 0010:debug_print_object+0x16e/0x250 lib/debugobjects.c:502
Call Trace:
__debug_object_init
debug_hrtimer_init
debug_init
hrtimer_init
kvm_xen_init_timer
kvm_xen_vcpu_set_attr
kvm_arch_vcpu_ioctl
kvm_vcpu_ioctl
vfs_ioctl

Affected products Warnungen 0 Metrics 1 CWE 0 References 5

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

This information is available to logged-in users.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

VendorLinux

≫

Product Linux

Default Statusunaffected

Version < 9a9b5771e930f408c3419799000f76a9abaf2278

Version 536395260582be7443b0b35b0bbb89ffe3947f62

Status affected

Version < af735db31285fa699384c649be72a9f32ecbb665

Version 536395260582be7443b0b35b0bbb89ffe3947f62

Status affected

VendorLinux

≫

Product Linux

Default Statusaffected

Version 5.19

Status affected

Version < 5.19

Version 0

Status unaffected

Version <= 5.19.*

Version 5.19.2

Status unaffected

Version <= *

Version 6.0

Status unaffected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.03%	0.059

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string

https://git.kernel.org/stable/c/9a9b5771e930f408c3419799000f76a9abaf2278

https://git.kernel.org/stable/c/af735db31285fa699384c649be72a9f32ecbb665

https://nvd.nist.gov/vuln/detail/CVE-2022-50227

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2022-50227

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2022-50227

EUVD