Use-After-Free Vulnerability in Linux Kernel dm cache by Linux
CVE-2022-50496

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 4 October 2025

What is CVE-2022-50496?

A use-after-free vulnerability exists in the 'dm cache' module of the Linux kernel, which could lead to potential security issues when the functions 'dm_resume()' and 'dm_destroy()' are executed concurrently. This vulnerability arises from a failure to properly manage the lifecycle of objects, particularly when timers are not canceled in the 'destroy()' function. Unauthorized access to system memory or unintended behavior may be possible as a result.

Affected Version(s)

Linux c6b4fcbad044e6fffcc75bba160e720eb8d67d17 < 034cbc8d3b47a56acd89453c29632a9c117de09d

Linux c6b4fcbad044e6fffcc75bba160e720eb8d67d17 < 993406104d2b28fe470126a062ad37a1e21e792e

Linux c6b4fcbad044e6fffcc75bba160e720eb8d67d17 < 4d20032dd90664de09f2902a7ea49ae2f7771746

References

https://git.kernel.org/stable/c/034cbc8d3b47a56acd89453c2...

https://git.kernel.org/stable/c/993406104d2b28fe470126a06...

https://git.kernel.org/stable/c/4d20032dd90664de09f2902a7...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 4, 2025
Vulnerability Reserved
Oct 4, 2025

JSON