CVE-2022-50266

In the Linux kernel, the following vulnerability has been resolved: kprobes: Fix check for probe enabled in kill_kprobe() In kill_kprobe(), the check whether disarm_kprobe_ftrace() needs to be called always fails. This is because before that we set the KPROBE_FLAG_GONE flag for kprobe so that "!kprobe_disabled(p)" is always false. The disarm_kprobe_ftrace() call introduced by commit: 0cb2f1372baa ("kprobes: Fix NULL pointer dereference at kprobe_ftrace_handler") to fix the NULL pointer reference problem. When the probe is enabled, if we do not disarm it, this problem still exists. Fix it by putting the probe enabled check before setting the KPROBE_FLAG_GONE flag.

CVSS v3 5.5 MEDIUM

5.5^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://git.kernel.org/stable/c/0c76ef3f26d5ef2ac2c21b47e7620cff35809fbb	Patch
https://git.kernel.org/stable/c/c909985dd0c0f74b61e3f8f0e04bf8aa9c8b97c7	Patch
https://git.kernel.org/stable/c/f20a067f13106565816b4b6a6b665b2088a63824	Patch

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel:5.9:-::::::
	cpe:2.3:o:linux:linux_kernel:5.9:rc7::::::
	cpe:2.3:o:linux:linux_kernel:5.9:rc8::::::

History

No history.

Information

Published : 2025-09-15 15:15

Updated : 2025-12-02 19:27

NVD link : CVE-2022-50266

Mitre link : CVE-2022-50266

CVE.ORG link : CVE-2022-50266

JSON object : View

Products Affected

linux

linux_kernel

CWE

CWE-476

NULL Pointer Dereference

{"id": "CVE-2022-50266", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 1.8}]}, "published": "2025-09-15T15:15:37.347", "references": [{"url": "https://git.kernel.org/stable/c/0c76ef3f26d5ef2ac2c21b47e7620cff35809fbb", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/c909985dd0c0f74b61e3f8f0e04bf8aa9c8b97c7", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/f20a067f13106565816b4b6a6b665b2088a63824", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-476"}]}], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nkprobes: Fix check for probe enabled in kill_kprobe()\n\nIn kill_kprobe(), the check whether disarm_kprobe_ftrace() needs to be\ncalled always fails. This is because before that we set the\nKPROBE_FLAG_GONE flag for kprobe so that \"!kprobe_disabled(p)\" is always\nfalse.\n\nThe disarm_kprobe_ftrace() call introduced by commit:\n\n 0cb2f1372baa (\"kprobes: Fix NULL pointer dereference at kprobe_ftrace_handler\")\n\nto fix the NULL pointer reference problem. When the probe is enabled, if\nwe do not disarm it, this problem still exists.\n\nFix it by putting the probe enabled check before setting the\nKPROBE_FLAG_GONE flag."}], "lastModified": "2025-12-02T19:27:30.377", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "06D736F2-3AF9-405C-A2D4-D7A433966CD1", "versionEndExcluding": "4.5", "versionStartIncluding": "4.4.238"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C239C4E4-A9BE-4BA4-B0ED-58C96D32A965", "versionEndExcluding": "4.10", "versionStartIncluding": "4.9.238"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E4C219D0-2F4C-4842-85C7-5EE4D0099F82", "versionEndExcluding": "4.15", "versionStartIncluding": "4.14.200"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "22D98FED-AEF1-4722-8A24-E84AEFBAE267", "versionEndExcluding": "4.20", "versionStartIncluding": "4.19.149"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "20BCB29D-C30A-4880-8FC2-2468E283C95D", "versionEndExcluding": "5.5", "versionStartIncluding": "5.4.69"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "98C441DE-65B1-4897-95F0-EA0B85BF8E9A", "versionEndExcluding": "5.9", "versionStartIncluding": "5.8.13"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E34DDF25-ACCC-4528-9862-743137C1BCBB", "versionEndExcluding": "6.0.16", "versionStartIncluding": "5.9.1"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "77239F4B-6BB2-4B9E-A654-36A52396116C", "versionEndExcluding": "6.1.2", "versionStartIncluding": "6.1"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:5.9:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F79A2EB6-623E-4749-AEE0-DCB58C4C42F8"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:5.9:rc7:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "47E31D6A-31EC-4F63-9CAE-B7A52B58E149"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:5.9:rc8:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3497462B-A3DA-47CC-A5DD-C1C2D2E6DFDE"}], "operator": "OR"}]}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}