CVE-2022-50266
BaseFortify
Publication date: 2025-09-15
Last updated on: 2025-12-02
Assigner: kernel.org
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux | linux_kernel | From 4.4.238 (inc) to 4.5 (exc) |
| linux | linux_kernel | From 4.9.238 (inc) to 4.10 (exc) |
| linux | linux_kernel | From 4.14.200 (inc) to 4.15 (exc) |
| linux | linux_kernel | From 4.19.149 (inc) to 4.20 (exc) |
| linux | linux_kernel | From 5.4.69 (inc) to 5.5 (exc) |
| linux | linux_kernel | From 5.8.13 (inc) to 5.9 (exc) |
| linux | linux_kernel | From 5.9.1 (inc) to 6.0.16 (exc) |
| linux | linux_kernel | From 6.1 (inc) to 6.1.2 (exc) |
| linux | linux_kernel | 5.9 |
| linux | linux_kernel | 5.9 |
| linux | linux_kernel | 5.9 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-476 | The product dereferences a pointer that it expects to be valid but is NULL. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is in the Linux kernel's kprobes subsystem. The issue is in the kill_kprobe() function, where a check to determine if disarm_kprobe_ftrace() needs to be called always fails. This happens because the KPROBE_FLAG_GONE flag is set before the check, causing the probe to appear disabled incorrectly. As a result, the disarm_kprobe_ftrace() function, which was introduced to fix a NULL pointer dereference problem, may not be called when needed, potentially leaving the probe enabled and the kernel vulnerable to the original NULL pointer dereference issue. The fix involves reordering the check to occur before setting the KPROBE_FLAG_GONE flag.
How can this vulnerability impact me? :
If this vulnerability is present, the kernel may fail to properly disarm a kprobe, which can lead to a NULL pointer dereference. This could cause system instability or crashes, potentially leading to denial of service or other unintended behavior in the Linux system.