Use-After-Free Vulnerability in Linux Kernel's Block Layer for NVMe Controllers
CVE-2022-50552

Currently unrated

Key Information:

Vendor

Linux
Status
Linux
Vendor
CVE Published:
7 October 2025

What is CVE-2022-50552?

A vulnerability exists in the Linux kernel's block layer, specifically in the handling of NVMe controllers. During the reinitialization of hardware queues, a race condition can occur where the hctx's run_work competes with the elevator switching process. This situation leads to a use-after-free condition. When this happens, the work may be assigned an elevator pointer that is in the process of being torn down, potentially resulting in kernel panics and NULL pointer dereferences. To mitigate this issue, the implementation now employs a quiesced elevator switch during queue reinitialization, ensuring that previous pointers are handled safely and locally.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Linux d48ece209f82c9ce07be942441b53d3fa3664936 < 63a681bcc32a43528ce0f690569f7f48e59c3963

Linux d48ece209f82c9ce07be942441b53d3fa3664936

Linux d48ece209f82c9ce07be942441b53d3fa3664936 < 8237c01f1696bc53c470493bf1fe092a107648a6

References

https://git.kernel.org/stable/c/63a681bcc32a43528ce0f6905...
https://git.kernel.org/stable/c/c478b3b2900f1834cf9eda5bf...
https://git.kernel.org/stable/c/8237c01f1696bc53c470493bf...

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.