CVE-2022-50502 — NULL Pointer Dereference in Azl3 Kernel 6.6.96.2-2 ON Azure Linux 3.0

CWE-476 — NULL Pointer Dereference5 documents5 sources

Severity

5.5MEDIUM

No vector

EPSS

No EPSS data

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Linux Kernel Msrc Azl3 Kernel 6.6.96.2-2 ON Azure Linux 3.0

Timeline

PublishedOct 4

Latest updateOct 14

Description

In the Linux kernel, the following vulnerability has been resolved: mm: /proc/pid/smaps_rollup: fix no vma's null-deref Commit 258f669e7e88 ("mm: /proc/pid/smaps_rollup: convert to single value seq_file") introduced a null-deref if there are no vma's in the task in show_smaps_rollup.

Affected Packages2 packages

▶Debianlinux/linux_kernel< 5.5.13-1+3

▶msrcmsrc/azl3_kernel_6.6.96.2-2_on_azure_linux_3.0

🔴Vulnerability Details

OSV

CVE-2022-50502: In the Linux kernel, the following vulnerability has been resolved: mm: /proc/pid/smaps_rollup: fix no vma's null-deref Commit 258f669e7e88 ("mm: /pro↗2025-10-04

▶

GHSA

GHSA-6cm9-9f47-98qc: In the Linux kernel, the following vulnerability has been resolved: mm: /proc/pid/smaps_rollup: fix no vma's null-deref Commit 258f669e7e88 ("mm: /p↗2025-10-04

▶

📋Vendor Advisories

Microsoft

mm: /proc/pid/smaps_rollup: fix no vma's null-deref↗2025-10-14

▶

Red Hat

kernel: mm: /proc/pid/smaps_rollup: fix no vma's null-deref↗2025-10-04

▶

🕵️Threat Intelligence

Bleepingcomputer

Microsoft October 2025 Patch Tuesday fixes 6 zero-days, 172 flaws↗2025-10-14

▶