CVE-2022-50494
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-10-04

Last updated on: 2025-10-06

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved: thermal: intel_powerclamp: Use get_cpu() instead of smp_processor_id() to avoid crash When CPU 0 is offline and intel_powerclamp is used to inject idle, it generates kernel BUG: BUG: using smp_processor_id() in preemptible [00000000] code: bash/15687 caller is debug_smp_processor_id+0x17/0x20 CPU: 4 PID: 15687 Comm: bash Not tainted 5.19.0-rc7+ #57 Call Trace: <TASK> dump_stack_lvl+0x49/0x63 dump_stack+0x10/0x16 check_preemption_disabled+0xdd/0xe0 debug_smp_processor_id+0x17/0x20 powerclamp_set_cur_state+0x7f/0xf9 [intel_powerclamp] ... ... Here CPU 0 is the control CPU by default and changed to the current CPU, if CPU 0 offlined. This check has to be performed under cpus_read_lock(), hence the above warning. Use get_cpu() instead of smp_processor_id() to avoid this BUG. [ rjw: Subject edits ]
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-10-04
Last Modified
2025-10-06
Generated
2026-06-16
AI Q&A
2025-10-04
EPSS Evaluated
2026-06-14
NVD
CVE-2022-50494
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
intel intel_powerclamp *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-UNKNOWN
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability occurs in the Linux kernel's intel_powerclamp thermal driver. When CPU 0 is offline and intel_powerclamp tries to inject idle states, it uses smp_processor_id() in preemptible code, which can cause a kernel crash (BUG). The issue arises because smp_processor_id() is not safe to use in this context, and the code should use get_cpu() instead to avoid the crash.

Impact Analysis

This vulnerability can cause the Linux kernel to crash (kernel BUG) when CPU 0 is offline and intel_powerclamp is used, potentially leading to system instability or downtime.

Mitigation Strategies

The vulnerability is caused by using smp_processor_id() in preemptible code, which can cause a kernel BUG when CPU 0 is offline and intel_powerclamp is used. To mitigate this, update the Linux kernel to a version where the intel_powerclamp driver uses get_cpu() instead of smp_processor_id(), as this change avoids the crash.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2022-50494. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart