CVE-2022-50674

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.0.0-rc3-rt15+ #8

Description The Linux kernel contains a flaw within the vdso subsystem, specifically in the vdso join timens() function. When a vfork system call is used, a NULL deference can occur because the mm->context.vdso info is NULL. This can lead to a kernel crash, as demonstrated by testing with the tools/testing/selftests/timens/vfork exec.c tool. The issue arises from the handling of the vdso information pointer in the vfork scenario.

Recommendations Update to a version of the Linux kernel newer than 6.0.0-rc3-rt15+ #8.