CVE-2022-50715 — Premature Release of Resource During Expected Lifetime in Linux

CWE-826 — Premature Release of Resource During Expected Lifetime7 documents6 sources

Severity

4.4MEDIUM

No vector

EPSS

0.0%

top 84.94%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Linux Linux Kernel Debian Linux

Timeline

PublishedDec 24

Description

In the Linux kernel, the following vulnerability has been resolved: md/raid1: stop mdx_raid1 thread when raid1 array run failed fail run raid1 array when we assemble array with the inactive disk only, but the mdx_raid1 thread were not stop, Even if the associated resources have been released. it will caused a NULL dereference when we do poweroff. This causes the following Oops: [ 287.587787] BUG: kernel NULL pointer dereference, address: 0000000000000070 [ 287.594762] #PF: supervisor read acc…

Affected Packages4 packages

▶Linuxlinux/linux_kernel4.10.0 — 4.14.303+7

▶Debianlinux/linux_kernel< 5.10.178-1+3

▶CVEListV5linux/linux5bad5054ecd83c866502f0370edfc9aa55dc9aa7 — d684ceb77311410aeaf5189d321f9f564838c49a+12

▶debiandebian/linux< linux 6.1.4-1 (bookworm)

🔴Vulnerability Details

OSV

md/raid1: stop mdx_raid1 thread when raid1 array run failed↗2025-12-24

▶

GHSA

GHSA-rrpf-vhv2-qw86: In the Linux kernel, the following vulnerability has been resolved: md/raid1: stop mdx_raid1 thread when raid1 array run failed fail run raid1 array↗2025-12-24

▶

OSV

CVE-2022-50715: In the Linux kernel, the following vulnerability has been resolved: md/raid1: stop mdx_raid1 thread when raid1 array run failed fail run raid1 array w↗2025-12-24

▶

📋Vendor Advisories

Red Hat

kernel: md/raid1: stop mdx_raid1 thread when raid1 array run failed↗2025-12-24

▶

Debian

CVE-2022-50715: linux - In the Linux kernel, the following vulnerability has been resolved: md/raid1: s...↗2022

▶

🕵️Threat Intelligence

Wiz

CVE-2022-50715 Impact, Exploitability, and Mitigation Steps | Wiz↗

▶