CVE-2022-50230
BaseFortify
Publication date: 2025-06-18
Last updated on: 2025-11-19
Assigner: kernel.org
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux | linux_kernel | From 5.15.160 (inc) to 5.16 (inc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-NVD-CWE-noinfo |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability in the Linux kernel affects the arm64 architecture where the UXN (Unprivileged eXecute Never) bit was not set on the swapper page table entries (PTEs). On systems implementing FEAT_EPAN, this omission allows read/write access to the idmap, which should be denied. This causes the kernel to panic when accessing certain memory flags (__idmap_kpti_flag). The issue was fixed by setting the UXN bit on these PTEs to prevent unauthorized access.
How can this vulnerability impact me? :
This vulnerability can cause the Linux kernel to panic (crash) when accessing specific memory mappings related to idmap on affected arm64 systems. This can lead to system instability or denial of service due to unexpected kernel panics.
What immediate steps should I take to mitigate this vulnerability?
Apply the upstream fix that sets UXN on the swapper page tables, specifically the patch identified by commit c3cee924bd85 which covers the entire kernel image in the initial ID map. This fix prevents kernel panics related to idmap_kpti_install_ng_mappings by properly setting UXN on the PTEs. Backport this fix to your stable kernel version if necessary.