CVE-2022-50490
BaseFortify
Publication date: 2025-10-04
Last updated on: 2026-03-25
Assigner: kernel.org
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux | linux_kernel | From 5.15.160 (inc) to 5.16 (inc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability occurs in the Linux kernel's BPF subsystem, specifically in the function __htab_map_lookup_and_delete_batch(). When the function htab_lock_bucket() returns an -EBUSY error, the code incorrectly proceeds to the next bucket, which can silently skip elements in the current bucket. This behavior may lead to out-of-bound memory access or expose kernel memory to userspace if the current bucket count is greater than the bucket size or zero. The fix involves stopping the batch operation and returning -EBUSY when htab_lock_bucket() fails, allowing the application to retry or skip the busy batch as needed.
How can this vulnerability impact me? :
This vulnerability can impact you by potentially exposing kernel memory to userspace, which could lead to information disclosure or memory corruption. Additionally, out-of-bound memory access could cause system instability or crashes, affecting system reliability and security.
What immediate steps should I take to mitigate this vulnerability?
Apply the patch or update to a Linux kernel version that includes the fix for this vulnerability, which stops batch operations and returns -EBUSY when htab_lock_bucket() fails. This prevents out-of-bound memory access and exposure of kernel memory to userspace. Until then, avoid running untrusted BPF programs that may trigger this issue.