| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <2025091504-CVE-2022-50266-9532@gregkh>
Date: Mon, 15 Sep 2025 16:21:08 +0200
From: Greg Kroah-Hartman <gregkh@...uxfoundation.org>
To: linux-cve-announce@...r.kernel.org
Cc: Greg Kroah-Hartman <gregkh@...nel.org>
Subject: CVE-2022-50266: kprobes: Fix check for probe enabled in kill_kprobe()
From: Greg Kroah-Hartman <gregkh@...nel.org>
Description
===========
In the Linux kernel, the following vulnerability has been resolved:
kprobes: Fix check for probe enabled in kill_kprobe()
In kill_kprobe(), the check whether disarm_kprobe_ftrace() needs to be
called always fails. This is because before that we set the
KPROBE_FLAG_GONE flag for kprobe so that "!kprobe_disabled(p)" is always
false.
The disarm_kprobe_ftrace() call introduced by commit:
0cb2f1372baa ("kprobes: Fix NULL pointer dereference at kprobe_ftrace_handler")
to fix the NULL pointer reference problem. When the probe is enabled, if
we do not disarm it, this problem still exists.
Fix it by putting the probe enabled check before setting the
KPROBE_FLAG_GONE flag.
The Linux kernel CVE team has assigned CVE-2022-50266 to this issue.
Affected and fixed versions
===========================
Issue introduced in 5.9 with commit 3031313eb3d549b7ad6f9fbcc52ba04412e3eb9e and fixed in 6.0.16 with commit f20a067f13106565816b4b6a6b665b2088a63824
Issue introduced in 5.9 with commit 3031313eb3d549b7ad6f9fbcc52ba04412e3eb9e and fixed in 6.1.2 with commit c909985dd0c0f74b61e3f8f0e04bf8aa9c8b97c7
Issue introduced in 5.9 with commit 3031313eb3d549b7ad6f9fbcc52ba04412e3eb9e and fixed in 6.2 with commit 0c76ef3f26d5ef2ac2c21b47e7620cff35809fbb
Issue introduced in 4.4.238 with commit 3c5f8d371b7fef3e3714c4a062c7f3b4aa41d122
Issue introduced in 4.9.238 with commit 9b55d84deec88c02b053a819acf08a6d471dda02
Issue introduced in 4.14.200 with commit 2295608b44c91df767a5c68027f9c9e52ecb28e7
Issue introduced in 4.19.149 with commit ce7ff920092130f249b75f9fe177edb3362fefe8
Issue introduced in 5.4.69 with commit 3995f7a60feceba6c8f762f4aff3184f90a1291d
Issue introduced in 5.8.13 with commit 247c62ebdfae450bb76dd89cd4724df6be07df75
Please see https://www.kernel.org for a full list of currently supported
kernel versions by the kernel community.
Unaffected versions might change over time as fixes are backported to
older supported kernel versions. The official CVE entry at
https://cve.org/CVERecord/?id=CVE-2022-50266
will be updated if fixes are backported, please check that for the most
up to date information about this issue.
Affected files
==============
The file(s) affected by this issue are:
kernel/kprobes.c
Mitigation
==========
The Linux kernel CVE team recommends that you update to the latest
stable kernel version for this, and many other bugfixes. Individual
changes are never tested alone, but rather are part of a larger kernel
release. Cherry-picking individual commits is not recommended or
supported by the Linux kernel community at all. If however, updating to
the latest release is impossible, the individual changes to resolve this
issue can be found at these commits:
https://git.kernel.org/stable/c/f20a067f13106565816b4b6a6b665b2088a63824
https://git.kernel.org/stable/c/c909985dd0c0f74b61e3f8f0e04bf8aa9c8b97c7
https://git.kernel.org/stable/c/0c76ef3f26d5ef2ac2c21b47e7620cff35809fbb
Powered by blists - more mailing lists