CVE-2022-50657

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2022-50657

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-50657.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2022-50657

Downstream

DEBIAN-CVE-2022-50657

UBUNTU-CVE-2022-50657

Published

2025-12-09T01:29:04.968Z

Modified

2026-04-02T08:28:41.206294Z

Summary

riscv: mm: add missing memcpy in kasan_init

Details

In the Linux kernel, the following vulnerability has been resolved:

riscv: mm: add missing memcpy in kasan_init

Hi Atish,

It seems that the panic is due to the missing memcpy during kasan_init. Could you please check whether this patch is helpful?

When doing kasanpopulate, the new allocated basepud/basep4d should contain kasanearlyshadow{pud, p4d}'s content. Add the missing memcpy to avoid page fault when read/write kasan shadow region.

Tested on: - qemu with sv57 and CONFIGKASAN on. - qemu with sv48 and CONFIGKASAN on.

Database specific

{
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/50xxx/CVE-2022-50657.json"
}

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

8fbdccd2b17335e1881a23865e98c63fcc345938

Fixed

ff0f6becf3a6f817838b6f80a2c9cca43dce0576

Fixed

9f2ac64d6ca60db99132e08628ac2899f956a0ec

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-50657.json"

Linux / Kernel

Package

Name: Kernel

Affected ranges

Type: ECOSYSTEM
Events: Introduced

5.18.0

Fixed

6.0.7

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-50657.json"