CVE-2022-50870
Unknown Unknown - Not Provided

Deadlock Vulnerability in Linux Kernel powerpc/rtas During Panic

Vulnerability report for CVE-2022-50870, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2025-12-30

Last updated on: 2025-12-30

Assigner: kernel.org

Description

In the Linux kernel, the following vulnerability has been resolved: powerpc/rtas: avoid device tree lookups in rtas_os_term() rtas_os_term() is called during panic. Its behavior depends on a couple of conditions in the /rtas node of the device tree, the traversal of which entails locking and local IRQ state changes. If the kernel panics while devtree_lock is held, rtas_os_term() as currently written could hang. Instead of discovering the relevant characteristics at panic time, cache them in file-static variables at boot. Note the lookup for "ibm,extended-os-term" is converted to of_property_read_bool() since it is a boolean property, not an RTAS function token. [mpe: Incorporate suggested change from Nick]

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2025-12-30
Last Modified
2025-12-30
Generated
2026-07-06
AI Q&A
2025-12-30
EPSS Evaluated
2026-07-05
NVD

Affected Vendors & Products

Showing 1 associated CPE
Vendor Product Version / Range
linux linux_kernel *

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-UNKNOWN

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Mitigation Strategies

To mitigate this vulnerability, update the Linux kernel to a version that includes the fix for the rtas_os_term() issue, where device tree lookups during panic are avoided by caching relevant properties at boot time.

Executive Summary

This vulnerability occurs in the Linux kernel's powerpc/rtas component, specifically in the rtas_os_term() function called during a kernel panic. The function performs device tree lookups that involve locking and interrupt state changes. If the kernel panics while the device tree lock is held, rtas_os_term() can hang, causing the system to become unresponsive during panic handling. The fix involves caching the needed device tree properties at boot time to avoid lookups during panic.

Impact Analysis

If this vulnerability is triggered, the system could hang during a kernel panic, preventing proper panic handling and potentially complicating system recovery or debugging after a crash. This could lead to longer downtime or difficulty diagnosing the root cause of the panic.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2022-50870. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart