CVE-2022-50232
BaseFortify
Publication date: 2025-06-18
Last updated on: 2025-11-19
Assigner: kernel.org
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux | linux_kernel | From 5.15.160 (inc) to 5.16 (inc) |
| linux | linux_kernel | From 5.15.160 (inc) to 5.16 (inc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-NVD-CWE-noinfo |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability in the Linux kernel affects the arm64 architecture where the UXN (Unprivileged eXecute Never) bit was not set on the swapper page table entries (PTEs). Because of this, on systems implementing FEAT_EPAN, read/write access to the idmap was incorrectly allowed, leading to a kernel panic when accessing certain kernel mappings (__idmap_kpti_flag). The issue was fixed by setting the UXN bit on these PTEs to prevent unauthorized access.
How can this vulnerability impact me? :
This vulnerability can cause the Linux kernel to panic (crash) when accessing specific kernel memory mappings, potentially leading to system instability or denial of service on affected arm64 systems implementing FEAT_EPAN.
What immediate steps should I take to mitigate this vulnerability?
Apply the upstream fix that sets UXN on swapper page tables, specifically the patch identified by commit c3cee924bd85, which covers the entire kernel image in the initial ID map. This fix prevents kernel panics related to idmap_kpti_install_ng_mappings by properly setting UXN on the PTEs. Backport this fix to your stable kernel version if necessary.