CVE-2022-50768 — Improper Update of Reference Count in Linux

CWE-911 — Improper Update of Reference Count7 documents6 sources

Severity

5.5MEDIUM

No vector

EPSS

0.0%

top 93.24%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Linux Linux Kernel Debian Linux

Timeline

PublishedDec 24

Description

In the Linux kernel, the following vulnerability has been resolved: scsi: smartpqi: Correct device removal for multi-actuator devices Correct device count for multi-actuator drives which can cause kernel panics.

Affected Packages4 packages

▶Linuxlinux/linux_kernel6.0.0 — 6.0.16+1

▶Debianlinux/linux_kernel< 6.1.4-1+2

▶CVEListV5linux/linux2d80f4054f7f901b8ad97358a9069616ac8524c7 — e8e9e0c28901d34beb193b5ece52eb7c656f4042+3

▶debiandebian/linux< linux 6.1.4-1 (bookworm)

🔴Vulnerability Details

GHSA

GHSA-7x4j-mxw3-3v9g: In the Linux kernel, the following vulnerability has been resolved: scsi: smartpqi: Correct device removal for multi-actuator devices Correct device↗2025-12-24

▶

OSV

scsi: smartpqi: Correct device removal for multi-actuator devices↗2025-12-24

▶

OSV

CVE-2022-50768: In the Linux kernel, the following vulnerability has been resolved: scsi: smartpqi: Correct device removal for multi-actuator devices Correct device c↗2025-12-24

▶

📋Vendor Advisories

Red Hat

kernel: scsi: smartpqi: Correct device removal for multi-actuator devices↗2025-12-24

▶

Debian

CVE-2022-50768: linux - In the Linux kernel, the following vulnerability has been resolved: scsi: smart...↗2022

▶

🕵️Threat Intelligence

Wiz

CVE-2022-50768 Impact, Exploitability, and Mitigation Steps | Wiz↗

▶