PT-2025-40722 · Eulerosv2+3 · Eulerosv2+3
Published: 2023-11-07 · Updated: 2026-02-13
CVE-2022-50488
CVSS v3.1: 7.8 (High)
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
Linux kernel versions prior to 5.10.0-60.18.0.50.h602
Description
The Linux kernel contains a use-after-free issue in the block, bfq (Best Effort Queue) subsystem, involving the bfqq->bic pointer. Process migration between cgroups can lead to a situation where the bfqq and bic structures point to the same memory location, and the bic structure may be freed while the bfqq still references it, resulting in a use-after-free condition. This can occur when a process moves to a new cgroup and issues new I/O requests before the previous I/O requests are completed.
Recommendations
Update to Linux kernel version 5.10.0-60.18.0.50.h602 or a later version to address this issue.
Exploit
Fix
Use After Free
Weakness Enumeration
Related Identifiers
Affected Products
Eulerosv2
Linux Kernel
Red Hat
Suse