CVE-2022-50382
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-09-18

Last updated on: 2025-12-11

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved: padata: Always leave BHs disabled when running ->parallel() A deadlock can happen when an overloaded system runs ->parallel() in the context of the current task: padata_do_parallel ->parallel() pcrypt_aead_enc/dec padata_do_serial spin_lock(&reorder->lock) // BHs still enabled <interrupt> ... __do_softirq ... padata_do_serial spin_lock(&reorder->lock) It's a bug for BHs to be on in _do_serial as Steffen points out, so ensure they're off in the "current task" case like they are in padata_parallel_worker to avoid this situation.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-09-18
Last Modified
2025-12-11
Generated
2026-06-16
AI Q&A
2025-09-18
EPSS Evaluated
2026-06-15
NVD
CVE-2022-50382
Affected Vendors & Products
Showing 4 associated CPEs
Vendor Product Version / Range
linux linux_kernel From 5.8 (inc) to 5.10.163 (exc)
linux linux_kernel From 5.11 (inc) to 5.15.86 (exc)
linux linux_kernel From 5.16 (inc) to 6.0.16 (exc)
linux linux_kernel From 6.1 (inc) to 6.1.2 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-667 The product does not properly acquire or release a lock on a resource, leading to unexpected resource state changes and behaviors.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability is a deadlock issue in the Linux kernel's padata subsystem. It occurs when the system is overloaded and runs the ->parallel() function in the context of the current task. The problem arises because bottom halves (BHs) are not disabled during the execution of padata_do_serial, which leads to a deadlock when an interrupt triggers another call to padata_do_serial trying to acquire the same lock. The fix ensures that BHs are disabled in the current task case, preventing this deadlock.

Impact Analysis

This vulnerability can cause the Linux kernel to deadlock under heavy load conditions when running certain parallel processing tasks. This deadlock can lead to system hangs or freezes, impacting system stability and availability.

Mitigation Strategies

The vulnerability is resolved by ensuring that bottom halves (BHs) are disabled when running the ->parallel() function in the Linux kernel's padata subsystem. To mitigate this vulnerability, update your Linux kernel to a version that includes this fix where BHs are properly disabled in the current task context during parallel execution. There are no specific immediate configuration changes or commands provided to mitigate this issue without updating the kernel.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2022-50382. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart