CVE & CISA-KEV Catalog

CVE-2022-50000

MEDIUM
5.5
CVSS v3
NVD

Description

In the Linux kernel, the following vulnerability has been resolved: netfilter: flowtable: fix stuck flows on cleanup due to pending work To clear the flow table on flow table free, the following sequence normally happens in order: 1) gc_step work is stopped to disable any further stats/del requests. 2) All flow table entries are set to teardown state. 3) Run gc_step which will queue HW del work for each flow table entry. 4) Waiting for the above del work to finish (flush). 5) Run gc_step again, deleting all entries from the flow table. 6) Flow table is freed. But if a flow table entry already has pending HW stats or HW add work step 3 will not queue HW del work (it will be skipped), step 4 will wait for the pending add/stats to finish, and step 5 will queue HW del work which might execute after freeing of the flow table. To fix the above, this patch flushes the pending work, then it sets the teardown flag to all flows in the flowtable and it forces a garbage collector run to queue work to remove the flows from hardware, then it flushes this new pending work and (finally) it forces another garbage collector run to remove the entry from the software flowtable. Stack trace: [47773.882335] BUG: KASAN: use-after-free in down_read+0x99/0x460 [47773.883634] Write of size 8 at addr ffff888103b45aa8 by task kworker/u20:6/543704 [47773.885634] CPU: 3 PID: 543704 Comm: kworker/u20:6 Not tainted 5.12.0-rc7+ #2 [47773.886745] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009) [47773.888438] Workqueue: nf_ft_offload_del flow_offload_work_handler [nf_flow_table] [47773.889727] Call Trace: [47773.890214] dump_stack+0xbb/0x107 [47773.890818] print_address_description.constprop.0+0x18/0x140 [47773.892990] kasan_report.cold+0x7c/0xd8 [47773.894459] kasan_check_range+0x145/0x1a0 [47773.895174] down_read+0x99/0x460 [47773.899706] nf_flow_offload_tuple+0x24f/0x3c0 [nf_flow_table] [47773.907137] flow_offload_work_handler+0x72d/0xbe0 [nf_flow_table] [47773.913372] process_one_work+0x8ac/0x14e0 [47773.921325] [47773.921325] Allocated by task 592159: [47773.922031] kasan_save_stack+0x1b/0x40 [47773.922730] __kasan_kmalloc+0x7a/0x90 [47773.923411] tcf_ct_flow_table_get+0x3cb/0x1230 [act_ct] [47773.924363] tcf_ct_init+0x71c/0x1156 [act_ct] [47773.925207] tcf_action_init_1+0x45b/0x700 [47773.925987] tcf_action_init+0x453/0x6b0 [47773.926692] tcf_exts_validate+0x3d0/0x600 [47773.927419] fl_change+0x757/0x4a51 [cls_flower] [47773.928227] tc_new_tfilter+0x89a/0x2070 [47773.936652] [47773.936652] Freed by task 543704: [47773.937303] kasan_save_stack+0x1b/0x40 [47773.938039] kasan_set_track+0x1c/0x30 [47773.938731] kasan_set_free_info+0x20/0x30 [47773.939467] __kasan_slab_free+0xe7/0x120 [47773.940194] slab_free_freelist_hook+0x86/0x190 [47773.941038] kfree+0xce/0x3a0 [47773.941644] tcf_ct_flow_table_cleanup_work Original patch description and stack trace by Paul Blakey.

How to fix

Remediation Available
linuxDebian
Fixed in:5.19.6-1CVE-2022-50000
Fixed in:5.19.6-1CVE-2022-50000
Fixed in:5.19.6-1CVE-2022-50000
bpftoolRed Hat / RHEL
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-305.172.1.el8_4RHSA-2025:15660
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
bpftoolRocky
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-305.172.1.el8_4RHSA-2025:15660
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
bpftool-debuginfoRed Hat / RHEL
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-305.172.1.el8_4RHSA-2025:15660
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
bpftool-debuginfoRocky
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-305.172.1.el8_4RHSA-2025:15660
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
kernelRocky
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-305.172.1.el8_4RHSA-2025:15660
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-305.172.1.el8_4RHSA-2025:15660
kernelRed Hat / RHEL
Fixed in:0:4.18.0-305.172.1.el8_4RHSA-2025:15660
Fixed in:0:4.18.0-305.172.1.el8_4RHSA-2025:15660
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
kernel-abi-stablelistsRocky
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-305.172.1.el8_4RHSA-2025:15660
kernel-abi-stablelistsRed Hat / RHEL
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-305.172.1.el8_4RHSA-2025:15660
kernel-coreRocky
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-305.172.1.el8_4RHSA-2025:15660
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
kernel-coreRed Hat / RHEL
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-305.172.1.el8_4RHSA-2025:15660
kernel-debugRocky
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-305.172.1.el8_4RHSA-2025:15660
kernel-debugRed Hat / RHEL
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-305.172.1.el8_4RHSA-2025:15660
kernel-debug-coreRed Hat / RHEL
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-305.172.1.el8_4RHSA-2025:15660
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
kernel-debug-coreRocky
Fixed in:0:4.18.0-305.172.1.el8_4RHSA-2025:15660
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
kernel-debug-debuginfoRocky
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-305.172.1.el8_4RHSA-2025:15660
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
kernel-debug-debuginfoRed Hat / RHEL
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-305.172.1.el8_4RHSA-2025:15660
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
kernel-debug-develRed Hat / RHEL
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-305.172.1.el8_4RHSA-2025:15660
kernel-debug-develRocky
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-305.172.1.el8_4RHSA-2025:15660
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
kernel-debug-modulesRocky
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-305.172.1.el8_4RHSA-2025:15660
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
kernel-debug-modulesRed Hat / RHEL
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-305.172.1.el8_4RHSA-2025:15660
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
kernel-debug-modules-extraRocky
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-305.172.1.el8_4RHSA-2025:15660
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
kernel-debug-modules-extraRed Hat / RHEL
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-305.172.1.el8_4RHSA-2025:15660
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
kernel-debuginfoRed Hat / RHEL
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-305.172.1.el8_4RHSA-2025:15660
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
kernel-debuginfoRocky
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-305.172.1.el8_4RHSA-2025:15660
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
kernel-debuginfo-common-aarch64Red Hat / RHEL
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
kernel-debuginfo-common-aarch64Rocky
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
kernel-debuginfo-common-ppc64leRocky
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
kernel-debuginfo-common-ppc64leRed Hat / RHEL
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
kernel-debuginfo-common-s390xRocky
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
kernel-debuginfo-common-s390xRed Hat / RHEL
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
kernel-debuginfo-common-x86_64Rocky
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-305.172.1.el8_4RHSA-2025:15660
kernel-debuginfo-common-x86_64Red Hat / RHEL
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-305.172.1.el8_4RHSA-2025:15660
kernel-develRocky
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-305.172.1.el8_4RHSA-2025:15660
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
kernel-develRed Hat / RHEL
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-305.172.1.el8_4RHSA-2025:15660
kernel-docRed Hat / RHEL
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-305.172.1.el8_4RHSA-2025:15660
kernel-docRocky
Fixed in:0:4.18.0-305.172.1.el8_4RHSA-2025:15660
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
kernel-modulesRed Hat / RHEL
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-305.172.1.el8_4RHSA-2025:15660
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
kernel-modulesRocky
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-305.172.1.el8_4RHSA-2025:15660
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
kernel-modules-extraRed Hat / RHEL
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-305.172.1.el8_4RHSA-2025:15660
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
kernel-modules-extraRocky
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-305.172.1.el8_4RHSA-2025:15660
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
kernel-toolsRocky
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-305.172.1.el8_4RHSA-2025:15660
kernel-toolsRed Hat / RHEL
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-305.172.1.el8_4RHSA-2025:15660
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
kernel-tools-debuginfoRed Hat / RHEL
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-305.172.1.el8_4RHSA-2025:15660
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
kernel-tools-debuginfoRocky
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-305.172.1.el8_4RHSA-2025:15660
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
kernel-tools-libsRed Hat / RHEL
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-305.172.1.el8_4RHSA-2025:15660
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
kernel-tools-libsRocky
Fixed in:0:4.18.0-305.172.1.el8_4RHSA-2025:15660
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
kernel-tools-libs-develRocky
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
kernel-tools-libs-develRed Hat / RHEL
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
kernel-zfcpdumpRed Hat / RHEL
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
kernel-zfcpdumpRocky
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
kernel-zfcpdump-coreRed Hat / RHEL
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
kernel-zfcpdump-coreRocky
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
kernel-zfcpdump-debuginfoRocky
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
kernel-zfcpdump-debuginfoRed Hat / RHEL
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
kernel-zfcpdump-develRed Hat / RHEL
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
kernel-zfcpdump-develRocky
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
kernel-zfcpdump-modulesRed Hat / RHEL
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
kernel-zfcpdump-modulesRocky
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
kernel-zfcpdump-modules-extraRed Hat / RHEL
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
kernel-zfcpdump-modules-extraRocky
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
perfRocky
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-305.172.1.el8_4RHSA-2025:15660
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
perfRed Hat / RHEL
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-305.172.1.el8_4RHSA-2025:15660
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
perf-debuginfoRed Hat / RHEL
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-305.172.1.el8_4RHSA-2025:15660
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
perf-debuginfoRocky
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-305.172.1.el8_4RHSA-2025:15660
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
python3-perfRed Hat / RHEL
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-305.172.1.el8_4RHSA-2025:15660
python3-perfRocky
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-305.172.1.el8_4RHSA-2025:15660
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
python3-perf-debuginfoRocky
Fixed in:0:4.18.0-305.172.1.el8_4RHSA-2025:15660
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
python3-perf-debuginfoRed Hat / RHEL
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-305.172.1.el8_4RHSA-2025:15660
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951
Fixed in:0:4.18.0-477.10.1.el8_8RHSA-2023:2951

Remediation is compiled from vendor and distribution security advisories. Always confirm against the linked source for your exact version and platform.

CVSS v3 Vector

Exploitability

Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged

Impact

ConfidentialityNone
IntegrityNone
AvailabilityHigh

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Exploit Intelligence

0.19%probability of exploitation in 30 days
9thpercentile

Low risk: more likely to be exploited than 9% of all known CVEs.

References

Related Vulnerabilities

Other CWE-416 (Use After Free) vulnerabilities, ordered by exploit likelihood. View all

CVESeverityCVSSEPSSExploitedFix
CVE-2019-0708Critical9.8100%KEV + Ransom-
CVE-2021-31166Critical9.8100%KEVFix
CVE-2015-5119Critical9.899%KEV-
CVE-2010-3962High8.197%KEV-
CVE-2015-0313Critical9.896%KEVFix
CVE-2017-9798High7.595%-Fix
Embed a live status badge for CVE-2022-50000
CVE-2022-50000 severity badge

Markdown

[![CVE-2022-50000](https://tridentstack.com/cve/badge/CVE-2022-50000.svg)](https://tridentstack.com/cve/CVE-2022-50000)

HTML

<a href="https://tridentstack.com/cve/CVE-2022-50000"><img src="https://tridentstack.com/cve/badge/CVE-2022-50000.svg" alt="CVE-2022-50000"></a>

Find and fix vulnerabilities across your fleet

TridentStack Control continuously scans your Windows, macOS, and Linux fleet for known vulnerabilities, prioritizes them by severity and active exploitation, and patches them automatically.

Start free

This product uses NVD data but is not endorsed or certified by the NVD. EPSS scores courtesy of FIRST.org (https://www.first.org/epss). Source: CISA KEV Catalog. Data as of 2025-11-14.