Null Pointer Dereference Vulnerability in Linux Kernel F2FS
CVE-2022-50620

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 8 December 2025

What is CVE-2022-50620?

A null pointer dereference vulnerability was identified in the f2fs_start_discard_thread function of the Linux kernel's F2FS file system. The flaw occurs due to a failure to invalidate the dcc->f2fs_issue_discard pointer in the error handling path. As a result, when the kthread_stop function is called, it may attempt to access this invalid pointer, leading to potential system instability or crashes. This vulnerability highlights the importance of proper error handling in kernel functions to prevent unintended accesses to memory and ensure overall system reliability.

Affected Version(s)

Linux 4d67490498acb4ffcef5ba7bc44990d46e66a44c < 865bb7b5a7deeb0e5afbd82381d52d38825dc64d

Linux 4d67490498acb4ffcef5ba7bc44990d46e66a44c

References

https://git.kernel.org/stable/c/865bb7b5a7deeb0e5afbd8238...

https://git.kernel.org/stable/c/a3e517a6ba695d683ee63615e...

https://git.kernel.org/stable/c/ae6c960a82c52c3bda5adc82d...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 8, 2025
Vulnerability Reserved
Dec 8, 2025

JSON