CVE-2022-50720Reachable Assertion in Linux

CWE-617Reachable Assertion7 documents6 sources
Severity
4.4MEDIUM
No vector
EPSS
0.0%
top 93.24%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
LinuxLinux KernelDebian Linux
Timeline
PublishedDec 24

Description

In the Linux kernel, the following vulnerability has been resolved: x86/apic: Don't disable x2APIC if locked The APIC supports two modes, legacy APIC (or xAPIC), and Extended APIC (or x2APIC). X2APIC mode is mostly compatible with legacy APIC, but it disables the memory-mapped APIC interface in favor of one that uses MSRs. The APIC mode is controlled by the EXT bit in the APIC MSR. The MMIO/xAPIC interface has some problems, most notably the APIC LEAK [1]. This bug allows an attacker to use t

Affected Packages4 packages

Linuxlinux/linux_kernel3.3.05.19.17+1
Debianlinux/linux_kernel< 6.0.3-1+2
CVEListV5linux/linuxfb209bd891645bb87b9618b724f0b4928e0df3de05785ba834f23272f9d23427ae4a80ac505a5296+3
debiandebian/linux< linux 6.0.3-1 (bookworm)

🔴Vulnerability Details

3
OSV
CVE-2022-50720: In the Linux kernel, the following vulnerability has been resolved: x86/apic: Don't disable x2APIC if locked The APIC supports two modes, legacy APIC2025-12-24
OSV
x86/apic: Don't disable x2APIC if locked2025-12-24
GHSA
GHSA-pc73-7j79-5x2x: In the Linux kernel, the following vulnerability has been resolved: x86/apic: Don't disable x2APIC if locked The APIC supports two modes, legacy API2025-12-24

📋Vendor Advisories

2
Red Hat
kernel: x86/apic: Don't disable x2APIC if locked2025-12-24
Debian
CVE-2022-50720: linux - In the Linux kernel, the following vulnerability has been resolved: x86/apic: D...2022

🕵️Threat Intelligence

1
Wiz
CVE-2022-50720 Impact, Exploitability, and Mitigation Steps | Wiz