CVE-2022-50329

Published: Sep 15, 2025

Modified: May 11, 2026

PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: block, bfq: fix uaf for bfqq in bfq_exit_icq_bfqq Commit 64dc8c732f5c ("block, bfq: fix possible uaf for 'bfqq->bic'") will access 'bic->bfqq' in bic_set_bfqq(), however, bfq_exit_icq_bfqq() can free bfqq first, and then call bic_set_bfqq(), which will cause uaf. Fix the problem by moving bfq_exit_bfqq() behind bic_set_bfqq().

Vendor	Product	Versions
Linux	Linux	affected `5533742c7cb1bc9b1f0bf401cc397d44a3a9e07a - < 1425f1bb5df5239021fd09ebc2a5e8070e705d36` affected `094f3d9314d67691cb21ba091c1b528f6e3c4893 - < 7949b0df3dd9f4817ed4a4e989fa9ee81df6205f` affected `b22fd72bfebda3956efc4431b60ddfc0a51e03e0 - < cfe5b38c37720313eff0dec5517442c7ab3c9a20` affected `761564d93c8265f65543acf0a576b32d66bfa26a - < 1ed959fef5b1c6f1a7a3fbea543698c30ebd6678` affected `64dc8c732f5c2b406cc752e6aaa1bd5471159cab - < 246cf66e300b76099b5dbd3fdd39e9a5dbc53f02`
Linux	Linux	affected `5.15.86 - < 5.15.87` affected `6.0.16 - < 6.0.17` affected `6.1.2 - < 6.1.3`

References

https://git.kernel.org/stable/c/1425f1bb5df5239021fd09ebc2a5e8070e705d36

https://git.kernel.org/stable/c/7949b0df3dd9f4817ed4a4e989fa9ee81df6205f

https://git.kernel.org/stable/c/cfe5b38c37720313eff0dec5517442c7ab3c9a20

https://git.kernel.org/stable/c/1ed959fef5b1c6f1a7a3fbea543698c30ebd6678

https://git.kernel.org/stable/c/246cf66e300b76099b5dbd3fdd39e9a5dbc53f02

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2022-50329

Description

Affected Products

References