Login Sign Up

CVE-2022-50149

5.5 MEDIUM
Denial of Service

📋 TL;DR

This CVE describes a deadlock vulnerability in the Linux kernel's driver core subsystem. When async probing is enabled and system resources are constrained, the __driver_attach function can cause an A-A (acquire-after-acquire) deadlock, potentially freezing the system. This affects all Linux systems with async driver probing enabled.

💻 Affected Systems

Products:
  • Linux kernel
Versions: Kernel versions before the fix commits (specific versions vary by distribution)
Operating Systems: Linux distributions using affected kernel versions
Default Config Vulnerable: ⚠️ Yes
Notes: Requires async driver probing enabled (CONFIG_PROBE_ASYNC) and specific resource constraints (memory exhaustion or work queue limits).

📦 What is this software?

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete system freeze requiring hard reboot, potentially causing data loss and extended downtime.

🟠

Likely Case

System hangs during driver initialization or device attachment, requiring manual intervention to recover.

🟢

If Mitigated

Minor performance impact during driver loading with proper resource management.

🌐 Internet-Facing: LOW - This is a local kernel deadlock issue not directly exploitable over network.
🏢 Internal Only: MEDIUM - Can cause system instability during driver operations but requires specific conditions to trigger.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: NO
Unauthenticated Exploit: ✅ No
Complexity: HIGH

Exploitation requires specific system conditions (resource exhaustion) and is more of a reliability issue than security vulnerability. No known remote exploitation vectors.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Kernel versions with commits 37f908038402c9b8325763f306a1c65d88757e15 or later

Vendor Advisory: https://git.kernel.org/stable/c/37f908038402c9b8325763f306a1c65d88757e15

Restart Required: Yes

Instructions:

1. Update Linux kernel to patched version from your distribution's repositories. 2. Reboot system to load new kernel. 3. Verify kernel version matches patched release.

🔧 Temporary Workarounds

Disable async driver probing

linux

Prevent the deadlock by disabling async probing which triggers the vulnerable code path

echo N > /sys/module/driver/parameters/probe_async
Add 'probe_async=N' to kernel command line

Increase system resources

linux

Ensure sufficient memory and work queue capacity to avoid triggering the fallback to sync execution

sysctl -w vm.min_free_kbytes=8192
Increase system memory if possible

🧯 If You Can't Patch

  • Monitor system resources to prevent memory exhaustion
  • Implement system monitoring for hung tasks and automatic recovery procedures

🔍 How to Verify

Check if Vulnerable:

Check kernel version and if async probing is enabled: cat /proc/cmdline | grep probe_async && uname -r

Check Version:

uname -r

Verify Fix Applied:

Verify kernel version is patched: uname -r should show version after fix commits

📡 Detection & Monitoring

Log Indicators:

  • Kernel hung task messages in dmesg
  • 'echo 0 > /proc/sys/kernel/hung_task_timeout_secs' messages
  • Driver attachment failures in system logs

Network Indicators:

  • None - this is a local kernel issue

SIEM Query:

source="kernel" AND ("hung_task" OR "deadlock" OR "__driver_attach")

📊 Metadata

CVE ID: CVE-2022-50149
CVSS v3 Score: 5.5 (MEDIUM)
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE: CWE-667
EPSS Score: 0.02% exploit probability (3th percentile)
Published: June 18, 2025
Last Updated: November 17, 2025

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2022-50149, you might also want to check these:

CVE-2020-12658 9.8

CVE-2020-12658 is a critical vulnerability in gssproxy (GSS-API proxy daemon) where improper mutex h...

Same vulnerability type (CWE-667)
CVE-2020-11284 8.4

This vulnerability allows non-secure boot loaders to unlock and modify memory regions that should re...

Same vulnerability type (CWE-667)
CVE-2021-22530 8.2

CVE-2021-22530 is an authentication bypass vulnerability in NetIQ Advanced Authentication that allow...

Same vulnerability type (CWE-667)