CVE-2022-50870
Unknown Unknown - Not Provided
Deadlock Vulnerability in Linux Kernel powerpc/rtas During Panic

Publication date: 2025-12-30

Last updated on: 2025-12-30

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved: powerpc/rtas: avoid device tree lookups in rtas_os_term() rtas_os_term() is called during panic. Its behavior depends on a couple of conditions in the /rtas node of the device tree, the traversal of which entails locking and local IRQ state changes. If the kernel panics while devtree_lock is held, rtas_os_term() as currently written could hang. Instead of discovering the relevant characteristics at panic time, cache them in file-static variables at boot. Note the lookup for "ibm,extended-os-term" is converted to of_property_read_bool() since it is a boolean property, not an RTAS function token. [mpe: Incorporate suggested change from Nick]
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-12-30
Last Modified
2025-12-30
Generated
2026-06-16
AI Q&A
2025-12-30
EPSS Evaluated
2026-06-15
NVD
CVE-2022-50870
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
linux linux_kernel *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-UNKNOWN
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability occurs in the Linux kernel's powerpc/rtas component, specifically in the rtas_os_term() function called during a kernel panic. The function performs device tree lookups that involve locking and interrupt state changes. If the kernel panics while the device tree lock is held, rtas_os_term() can hang, causing the system to become unresponsive during panic handling. The fix involves caching the needed device tree properties at boot time to avoid lookups during panic.

Impact Analysis

If this vulnerability is triggered, the system could hang during a kernel panic, preventing proper panic handling and potentially complicating system recovery or debugging after a crash. This could lead to longer downtime or difficulty diagnosing the root cause of the panic.

Mitigation Strategies

To mitigate this vulnerability, update the Linux kernel to a version that includes the fix for the rtas_os_term() issue, where device tree lookups during panic are avoided by caching relevant properties at boot time.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2022-50870. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart