Null Pointer Dereference in Linux Kernel's VKMS Component
CVE-2022-50369

5.5MEDIUM

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 17 September 2025

What is CVE-2022-50369?

A vulnerability exists in the Linux kernel's VKMS (Virtual Kernel Mode Setting) component, which can cause a null pointer dereference when attempting to destroy the workqueue associated with VKMS. This issue arises during the resource release process, particularly when an Out of Memory (OOM) condition occurs, leading to a scenario where the workqueue has not been allocated prior to its deallocation attempt. The issue can be mitigated by implementing a check to ensure the workqueue pointer is not NULL before invoking the destroy function.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Linux 6c234fe37c57627a5baf96f552afa1fae2b67d4d < 0b8f390e2251191f1b179cc87f65d54c96565f0d

Linux 6c234fe37c57627a5baf96f552afa1fae2b67d4d < 1f9836f95271e7acf016667eee0aeae3386f9645

Linux 6c234fe37c57627a5baf96f552afa1fae2b67d4d < 596f1ba3987e601e31a5abf1f75ce1d2635aceac

References

https://git.kernel.org/stable/c/0b8f390e2251191f1b179cc87...

https://git.kernel.org/stable/c/1f9836f95271e7acf016667ee...

https://git.kernel.org/stable/c/596f1ba3987e601e31a5abf1f...

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Sep 17, 2025
Vulnerability Reserved
Sep 17, 2025

JSON

Linux

What is CVE-2022-50369?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.