PT-2025-25979 · Linux+5 · Linux Kernel+5
Published: 2022-08-12 · Updated: 2026-03-14
CVE-2022-50053
CVSS v2.0: 6.0 (Medium)
Vector: AV:L/AC:H/Au:S/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions
Linux kernel versions prior to 5.18.0
Description
The issue is in the iavf driver in the Linux kernel and concerns reset error handling. Calling iavf_close in the iavf_reset_task error handling can lead to a deadlock due to a double call of napi_disable. This can cause the iavf_remove task to become stuck, because it requires crit_lock, which is held by iavf_close. The error handling can also leave iavf_remove stuck when the hardware fails to set up the VF mailbox during rapid VF resets.
Recommendations
For Linux kernel versions prior to 5.18.0, the issue can be resolved by applying the fix for reset error handling, which calls iavf_disable_vf if the reset fails, allowing the driver to clean up remaining invalid resources. As a temporary workaround, consider disabling the iavf driver until a patch is available. Restrict access to the iavf_remove task to minimize the risk of exploitation.
Exploit
Fix
Improper Resource Release
Improper Locking
Related Identifiers
Affected Products
Astra Linux
CentOS
Debian
Linux Kernel
Red Hat
SUSE