CVE-2022-50206

Source
https://nvd.nist.gov/vuln/detail/CVE-2022-50206
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-50206.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2022-50206
Downstream
Related
Published
2025-06-18T11:15:51Z
Modified
2025-08-09T19:01:26Z
Summary
[none]
Details

In the Linux kernel, the following vulnerability has been resolved:

arm64: fix oops in concurrently setting insn_emulation sysctls

emulationprochandler() changes table->data for procdointvecminmax and can generate the following Oops if called concurrently with itself:

| Unable to handle kernel NULL pointer dereference at virtual address 0000000000000010 | Internal error: Oops: 96000006 [#1] SMP | Call trace: | updateinsnemulationmode+0xc0/0x148 | emulationprochandler+0x64/0xb8 | procsyscallhandler+0x9c/0xf8 | procsyswrite+0x18/0x20 | _vfswrite+0x20/0x48 | vfswrite+0xe4/0x1d0 | ksyswrite+0x70/0xf8 | _arm64syswrite+0x20/0x28 | el0svccommon.constprop.0+0x7c/0x1c0 | el0svchandler+0x2c/0xa0 | el0svc+0x8/0x200

To fix this issue, keep the table->data as &insn->currentmode and use containerof() to retrieve the insn pointer. Another mutex is used to protect against the currentmode update but not for retrieving insnemulation as table->data is no longer changing.

References

Affected packages