PT-2025-53030 · Linux+3 · Linux Kernel+3

Published

2025-12-24

Updated

2026-02-24

CVE-2022-50726

None

No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.0.0-rc3 for upstream debug 2022 08 30 13 10

Description The Linux kernel contains a flaw in the mlx5 module related to asynchronous command handling. Specifically, a race condition in mlx5 cmd cleanup async ctx and mlx5 cmd exec cb handler could lead to a use-after-free condition. This occurs when mlx5 cmd cleanup async ctx returns before all callback handlers are completed, potentially freeing memory that is still in use by mlx5 cmd exec cb handler. The issue was identified through KASAN testing, which revealed a read of freed memory during interrupt handling. The root cause is a lack of proper synchronization when managing asynchronous command contexts.

Recommendations Versions prior to 6.0.0-rc3 for upstream debug 2022 08 30 13 10 should be updated.

Exploit

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2022-50726

RHSA-2023:2458

RHSA-2023:2951

SUSE-SU-2026:0263-1

SUSE-SU-2026:0317-1

SUSE-SU-2026:0350-1

SUSE-SU-2026:0369-1

SUSE-SU-2026:0411-1

SUSE-SU-2026:0617-1

Affected Products

Centos

Linux Kernel

Red Hat

Mlx5

PT-2025-53030 · Linux+3 · Linux Kernel+3

CVE-2022-50726

Related Identifiers

Affected Products

References · 982