UBSAN Shift-Out-of-Bounds Issue in Intel RAPL Component of Linux Kernel
CVE-2022-50366

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 17 September 2025

What is CVE-2022-50366?

The Linux kernel's Intel RAPL (Running Average Power Limit) component contains a vulnerability that leads to a UBSAN shift-out-of-bounds issue. When a given value is less than the defined time unit, a parameter passed to ilog2() can yield a zero result, resulting in a return value of -1. This scenario produces a shift exponent far exceeding the permissible range for a 32-bit integer, which raises the risk of undefined behavior. Immediate remediation is advised to mitigate potential exploitation risks.

Affected Version(s)

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 42f79dbb9514f726ff21df25f09cb0693b0b2445

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 3eb0ba70376f6ee40fa843fc9cee49269370b0b3

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 4ebba43384722adbd325baec3a12c572d94488eb

References

https://git.kernel.org/stable/c/42f79dbb9514f726ff21df25f...

https://git.kernel.org/stable/c/3eb0ba70376f6ee40fa843fc9...

https://git.kernel.org/stable/c/4ebba43384722adbd325baec3...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 17, 2025
Vulnerability Reserved
Sep 17, 2025