VDB
DEBIAN-CVE-2022-50022
DEBIAN-CVE-2022-50022
PUBLISHED
CVSS 7.800000190734863 HIGH
In the Linux kernel, the following vulnerability has been resolved: drivers:md:fix a potential use-after-free bug In line 2884, "raid5_release_stripe(sh);" drops the reference to sh and may cause sh to be released. However, sh is subsequently used in lines 2886 "if (sh->batch_head && sh != sh->batch_head)". This may result in an use-after-free bug. It can be fixed by moving "raid5_release_stripe(sh);" to the bottom of the function.
Risk Scores
CVSS v3.1
7.800000190734863
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Debian:12 | linux | 0, 0, 0 |
| Debian:11 | linux | *, 5.10.92-2, * |
| Debian:14 | linux | 0, 0, 0 |
| Debian:13 | linux | 0, 0, 0 |
Timeline
- Jun 18, 2025 CVE Published
- Apr 28, 2026 CVE Updated