CVE-2022-50657

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A flaw exists in the Linux kernel’s memory management related to the KASAN (Kernel Address Sanitizer) initialization process. Specifically, a missing memcpy operation during kasan init can lead to a panic. This occurs because the newly allocated page directory entries (base pud, base p4d) do not contain the content of the early shadow structures (kasan early shadow pud, kasan early shadow p4d). This omission can result in a page fault when accessing the KASAN shadow region. The issue was tested on QEMU with both sv57 and sv48 configurations, with KASAN enabled.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.