PT-2025-25948 · Linux+4 · Linux Kernel+4

Published: 2022-08-02 · Updated: 2025-07-28 · CVE-2022-50022

CVSS v3.1: 7.8 (High)

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Linux kernel (affected versions not specified)

Description

A potential use-after-free bug has been identified in the Linux kernel. The call raid5_release_stripe(sh) drops the reference to sh, which may cause sh to be released. However, sh is used afterwards, in the lines where sh->batch_head is checked and sh is compared to sh->batch_head, potentially resulting in a use-after-free. The bug can be fixed by moving the raid5_release_stripe(sh) call to the bottom of the function.

Recommendations

At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Use After Free

Weakness Enumeration

Related Identifiers

BDU:2026-01522
CESA-2023_2951
CVE-2022-50022
OESA-2025-1820
RHSA-2023:2458
RHSA-2023:2951
RHSA-2023_2458
RHSA-2023_2951
RHSA-2025:12238
RHSA-2025:12623
RHSA-2025:13776
RHSA-2025:14054
RHSA-2025:14094
RHSA-2025:14746
RHSA-2025:14748
SUSE-SU-2025:02264-1
SUSE-SU-2025:02308-1
SUSE-SU-2025:02320-1
SUSE-SU-2025:02321-1
SUSE-SU-2025:02322-1
SUSE-SU-2025:02334-1
SUSE-SU-2025:02537-1
SUSE-SU-2025:2264-1
SUSE-SU-2025_02264-1
SUSE-SU-2025_02308-1
SUSE-SU-2025_02334-1
SUSE-SU-2025_02537-1

Affected Products

Astra Linux
CentOS
Linux Kernel
Red Hat
SUSE