Linux Kernel Vulnerability in KVM Affecting NX Bit Handling
CVE-2022-50224
What is CVE-2022-50224?
A vulnerability in the Linux kernel's KVM module arises from improper handling of the NX (No-eXecute) bit in the Shadow Page Table Entry (SPTE) during Nested Page Table (NPT) operations. Specifically, KVM was not validating the NX bit as expected when the NX huge page mitigation feature was enabled. This oversight could trigger warnings and potentially cause system instability when reserved SPTE bits are set incorrectly. The issue is particularly notable because KVM requires NX support for Secure Virtual Machine (SVM) to function properly, which poses risks in environments that rely on virtualization for performance and security.
Affected Version(s)
Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 6271f2854b9233702e236e576b885a876dde4889
Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 6c6ab524cfae0799e55c82b2c1d61f1af0156f8d
Linux 5.19.2 <= 5.19.*