DEBIAN-CVE-2022-50091
- Source
- https://security-tracker.debian.org/tracker/CVE-2022-50091
- Import Source
- https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2022-50091.json
- JSON Data
- https://api.osv.dev/v1/vulns/DEBIAN-CVE-2022-50091
- Upstream
- Published
- 2025-06-18T11:15:38.277Z
- Modified
- 2025-11-19T02:04:35.239754Z
- Severity
-
- 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- [none]
- Details
-
In the Linux kernel, the following vulnerability has been resolved: locking/csdlock: Change csdlockdebug from early_param to __setup The csdlockdebug kernel-boot parameter is parsed by the earlyparam() function csdlockdebug(). If set, csdlockdebug() invokes staticbranchenable() to enable csdlockwait feature, which triggers a panic on arm64 for kernels built with CONFIGSPARSEMEM=y and CONFIGSPARSEMEMVMEMMAP=n. With CONFIGSPARSEMEM_VMEMMAP=n, __nrtosection is called in statickeyenable() and returns NULL, resulting in a NULL dereference because memsection is initialized only later in sparseinit(). This is also a problem for powerpc because earlyparam() functions are invoked earlier than jumplabelinit(), also resulting in statickeyenable() failures. These failures cause the warning "static key 'xxx' used before call to jumplabelinit()". Thus, earlyparam is too early for csdlockwait to run staticbranchenable(), so changes it to __setup to fix these.
- References
Affected packages
Debian:12 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source
Debian:13 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source
Debian:14 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source