CVE-2022-50091
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2022-50091
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-50091.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2022-50091
- Downstream
- Related
- Published
- 2025-06-18T11:02:30Z
- Modified
- 2025-10-15T01:12:23.615094Z
- Summary
- locking/csd_lock: Change csdlock_debug from early_param to __setup
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
locking/csdlock: Change csdlockdebug from earlyparam to _setup
The csdlockdebug kernel-boot parameter is parsed by the earlyparam() function csdlockdebug(). If set, csdlockdebug() invokes staticbranchenable() to enable csdlockwait feature, which triggers a panic on arm64 for kernels built with CONFIGSPARSEMEM=y and CONFIGSPARSEMEM_VMEMMAP=n.
With CONFIGSPARSEMEMVMEMMAP=n, _nrtosection is called in statickeyenable() and returns NULL, resulting in a NULL dereference because memsection is initialized only later in sparse_init().
This is also a problem for powerpc because earlyparam() functions are invoked earlier than jumplabelinit(), also resulting in statickeyenable() failures. These failures cause the warning "static key 'xxx' used before call to jumplabel_init()".
Thus, earlyparam is too early for csdlockwait to run staticbranchenable(), so changes it to _setup to fix these.
- References
-
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- https://git.kernel.org/stable/c/05de9e2e33b1625c71aee69e353fe906dd2be88a
- https://git.kernel.org/stable/c/9c9b26b0df270d4f9246e483a44686fca951a29c
- https://git.kernel.org/stable/c/b480d1e9a8c11ecc1c99dc01814b28e3103bd0a0
- https://git.kernel.org/stable/c/d2cbdbe22b5f190055d2d0ae92e7454479343a30
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced8d0968cc6b8ffd8496c2ebffdfdc801f949a85e5Fixedd2cbdbe22b5f190055d2d0ae92e7454479343a30
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced8d0968cc6b8ffd8496c2ebffdfdc801f949a85e5Fixed05de9e2e33b1625c71aee69e353fe906dd2be88a
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced8d0968cc6b8ffd8496c2ebffdfdc801f949a85e5Fixedb480d1e9a8c11ecc1c99dc01814b28e3103bd0a0
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced8d0968cc6b8ffd8496c2ebffdfdc801f949a85e5Fixed9c9b26b0df270d4f9246e483a44686fca951a29c
Affected versions
v5.*
v5.12
v5.12-rc3
v5.12-rc4
v5.12-rc5
v5.12-rc6
v5.12-rc7
v5.12-rc8
v5.13
v5.13-rc1
v5.13-rc2
v5.13-rc3
v5.13-rc4
v5.13-rc5
v5.13-rc6
v5.13-rc7
v5.14
v5.14-rc1
v5.14-rc2
v5.14-rc3
v5.14-rc4
v5.14-rc5
v5.14-rc6
v5.14-rc7
v5.15
v5.15-rc1
v5.15-rc2
v5.15-rc3
v5.15-rc4
v5.15-rc5
v5.15-rc6
v5.15-rc7
v5.15.1
v5.15.10
v5.15.11
v5.15.12
v5.15.13
v5.15.14
v5.15.15
v5.15.16
v5.15.17
v5.15.18
v5.15.19
v5.15.2
v5.15.20
v5.15.21
v5.15.22
v5.15.23
v5.15.24
v5.15.25
v5.15.26
v5.15.27
v5.15.28
v5.15.29
v5.15.3
v5.15.30
v5.15.31
v5.15.32
v5.15.33
v5.15.34
v5.15.35
v5.15.36
v5.15.37
v5.15.38
v5.15.39
v5.15.4
v5.15.40
v5.15.41
v5.15.42
v5.15.43
v5.15.44
v5.15.45
v5.15.46
v5.15.47
v5.15.48
v5.15.49
v5.15.5
v5.15.50
v5.15.51
v5.15.52
v5.15.53
v5.15.54
v5.15.55
v5.15.56
v5.15.57
v5.15.58
v5.15.59
v5.15.6
v5.15.60
v5.15.7
v5.15.8
v5.15.9
v5.16
v5.16-rc1
v5.16-rc2
v5.16-rc3
v5.16-rc4
v5.16-rc5
v5.16-rc6
v5.16-rc7
v5.16-rc8
v5.17
v5.17-rc1
v5.17-rc2
v5.17-rc3
v5.17-rc4
v5.17-rc5
v5.17-rc6
v5.17-rc7
v5.17-rc8
v5.18
v5.18-rc1
v5.18-rc2
v5.18-rc3
v5.18-rc4
v5.18-rc5
v5.18-rc6
v5.18-rc7
v5.18.1
v5.18.10
v5.18.11
v5.18.12
v5.18.13
v5.18.14
v5.18.15
v5.18.16
v5.18.17
v5.18.2
v5.18.3
v5.18.4
v5.18.5
v5.18.6
v5.18.7
v5.18.8
v5.18.9
v5.19
v5.19-rc1
v5.19-rc2
v5.19-rc3
v5.19-rc4
v5.19-rc5
v5.19-rc6
v5.19-rc7
v5.19-rc8
v5.19.1
Database specific
{
"vanir_signatures": [
{
"id": "CVE-2022-50091-043f0d31",
"signature_type": "Function",
"target": {
"file": "kernel/smp.c",
"function": "csdlock_debug"
},
"deprecated": false,
"digest": {
"length": 264.0,
"function_hash": "14611611318189753202187100037711537304"
},
"signature_version": "v1",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@d2cbdbe22b5f190055d2d0ae92e7454479343a30"
},
{
"id": "CVE-2022-50091-3689c1d0",
"signature_type": "Function",
"target": {
"file": "kernel/smp.c",
"function": "csdlock_debug"
},
"deprecated": false,
"digest": {
"length": 264.0,
"function_hash": "14611611318189753202187100037711537304"
},
"signature_version": "v1",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@b480d1e9a8c11ecc1c99dc01814b28e3103bd0a0"
},
{
"id": "CVE-2022-50091-39bbd8bc",
"signature_type": "Function",
"target": {
"file": "kernel/smp.c",
"function": "csdlock_debug"
},
"deprecated": false,
"digest": {
"length": 264.0,
"function_hash": "14611611318189753202187100037711537304"
},
"signature_version": "v1",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@05de9e2e33b1625c71aee69e353fe906dd2be88a"
},
{
"id": "CVE-2022-50091-a16519dc",
"signature_type": "Line",
"target": {
"file": "kernel/smp.c"
},
"deprecated": false,
"digest": {
"line_hashes": [
"162846425184859959557266090621631661469",
"134664510700642263854484336517212637926",
"217938608703899968918591744921373065158",
"145582941776332083064702507983221132414",
"87384969846070631849973831768865275839",
"125617922551097491442194582690640357069"
],
"threshold": 0.9
},
"signature_version": "v1",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@b480d1e9a8c11ecc1c99dc01814b28e3103bd0a0"
},
{
"id": "CVE-2022-50091-c493b503",
"signature_type": "Line",
"target": {
"file": "kernel/smp.c"
},
"deprecated": false,
"digest": {
"line_hashes": [
"162846425184859959557266090621631661469",
"134664510700642263854484336517212637926",
"217938608703899968918591744921373065158",
"145582941776332083064702507983221132414",
"87384969846070631849973831768865275839",
"125617922551097491442194582690640357069"
],
"threshold": 0.9
},
"signature_version": "v1",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@05de9e2e33b1625c71aee69e353fe906dd2be88a"
},
{
"id": "CVE-2022-50091-e3d560d2",
"signature_type": "Line",
"target": {
"file": "kernel/smp.c"
},
"deprecated": false,
"digest": {
"line_hashes": [
"162846425184859959557266090621631661469",
"134664510700642263854484336517212637926",
"217938608703899968918591744921373065158",
"145582941776332083064702507983221132414",
"87384969846070631849973831768865275839",
"125617922551097491442194582690640357069"
],
"threshold": 0.9
},
"signature_version": "v1",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@9c9b26b0df270d4f9246e483a44686fca951a29c"
},
{
"id": "CVE-2022-50091-e5ad1d34",
"signature_type": "Line",
"target": {
"file": "kernel/smp.c"
},
"deprecated": false,
"digest": {
"line_hashes": [
"162846425184859959557266090621631661469",
"134664510700642263854484336517212637926",
"217938608703899968918591744921373065158",
"145582941776332083064702507983221132414",
"87384969846070631849973831768865275839",
"125617922551097491442194582690640357069"
],
"threshold": 0.9
},
"signature_version": "v1",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@d2cbdbe22b5f190055d2d0ae92e7454479343a30"
},
{
"id": "CVE-2022-50091-eee2f440",
"signature_type": "Function",
"target": {
"file": "kernel/smp.c",
"function": "csdlock_debug"
},
"deprecated": false,
"digest": {
"length": 264.0,
"function_hash": "14611611318189753202187100037711537304"
},
"signature_version": "v1",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@9c9b26b0df270d4f9246e483a44686fca951a29c"
}
]
}