PT-2025-26141 · Linux+3 · Linux Kernel+3

Published

2022-07-18

Updated

2025-07-28

CVE-2022-50215

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A issue in the Linux kernel has been resolved, related to the SCSI device removal while in active use. When a SCSI device is removed, the kernel would immediately return an error on attempts to wait for active commands, potentially leading to corrupted userspace memory or data. This issue has been observed in practice during logout of an iscsi tcp session. The kernel now allows userspace to wait for active commands even when the device is being removed.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-826CWE-253

Related Identifiers

BDU:2026-02337

CVE-2022-50215

RHSA-2023:2458

RHSA-2023_2458

SUSE-SU-2025:02264-1

SUSE-SU-2025:02308-1

SUSE-SU-2025:02320-1

SUSE-SU-2025:02321-1

SUSE-SU-2025:02322-1

SUSE-SU-2025:02334-1

SUSE-SU-2025:02537-1

SUSE-SU-2025:2264-1

SUSE-SU-2025_02264-1

SUSE-SU-2025_02308-1

SUSE-SU-2025_02334-1

SUSE-SU-2025_02537-1

Affected Products

Astra Linux

Linux Kernel

Red Hat

Suse

PT-2025-26141 · Linux+3 · Linux Kernel+3

CVE-2022-50215

Weakness Enumeration

Related Identifiers

Affected Products

References · 750