CVE-2022-50147

7.1 HIGH

📋 TL;DR

This CVE describes an out-of-bounds memory access vulnerability in the Linux kernel's memory policy subsystem. When users specify more nodes than the system supports, the get_nodes function accesses memory beyond the allocated bounds, potentially leading to kernel crashes or privilege escalation. This affects all Linux systems using vulnerable kernel versions.

💻 Affected Systems

Products:
  • Linux kernel
Versions: Specific vulnerable versions not specified in CVE, but patches exist for multiple stable branches
Operating Systems: All Linux distributions using vulnerable kernel versions
Default Config Vulnerable: ⚠️ Yes
Notes: Affects systems using memory policy functionality. The vulnerability is in core kernel code, so most Linux systems are potentially affected.

📦 What is this software?

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...


⚠️ Risk & Real-World Impact

🔴 Worst Case: Kernel panic leading to system crash, or potential privilege escalation allowing attackers to gain root access and execute arbitrary code.

🟠 Likely Case: Kernel crash causing system instability or denial of service, requiring reboot to restore functionality.

🟢 If Mitigated: System remains stable with proper input validation and kernel hardening features enabled.

🌐 Internet-Facing: LOW - This requires local access or ability to execute code on the system.
🏢 Internal Only: MEDIUM - Malicious local users or compromised accounts could exploit this to crash systems or potentially escalate privileges.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Requires local access and ability to trigger the memory policy functionality with malicious input. No public exploits known at this time.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Fixed in multiple stable kernel branches by commits 000eca5d044d1ee23b4ca311793cf3fc528da6c6, 44652154484e7e3d12008802cfb6c28a8aa16d85, 8176f6a0d9c1b06bc7af7c3d6acd4a66448939df, d1b5113674c3e95bb53c601ce2ea4719e851c74d

Vendor Advisory: https://git.kernel.org/stable/c/000eca5d044d1ee23b4ca311793cf3fc528da6c6

Restart Required: Yes

Instructions:

1. Update Linux kernel to patched version from your distribution's repositories.
2. Reboot system to load new kernel.
3. Verify kernel version after reboot.

🔧 Temporary Workarounds

Restrict user access to memory policy functions

Limit which users can use memory policy functionality through kernel capabilities or SELinux/AppArmor policies

🧯 If You Can't Patch

  • Implement strict access controls to limit which users can execute code on the system
  • Enable kernel hardening features like KASLR and restrict kernel module loading

🔍 How to Verify

Check if Vulnerable:

Check kernel version and compare with patched versions from kernel.org. Vulnerable if using unpatched kernel with memory policy support.

Check Version:

uname -r

Verify Fix Applied:

Verify kernel version after update matches patched version. Check that system remains stable when memory policy operations are performed.

📡 Detection & Monitoring

Log Indicators:

  • Kernel panic messages in /var/log/kern.log or dmesg output
  • System crash reports
  • Unexpected reboots

Network Indicators:

  • None - this is a local vulnerability

SIEM Query:

Search for kernel panic events or unexpected system reboots in system logs
