CVE-2022-50327 – This CVE describes a NULL pointer dereference v... (How to Fix)

Q: What is the severity of CVE-2022-50327?

CVE-2022-50327 has a CVSS score of 5.5 (MEDIUM). This CVE describes a NULL pointer dereference vulnerability in the Linux kernel's ACPI processor idle driver. If exploited, it could cause a kernel panic leading to denial of service. This affects Linux systems with ACPI support enabled.

📋 TL;DR

This CVE describes a NULL pointer dereference vulnerability in the Linux kernel's ACPI processor idle driver. If exploited, it could cause a kernel panic leading to denial of service. This affects Linux systems with ACPI support enabled.

💻 Affected Systems

Products:

Linux kernel

Versions: Specific affected versions not explicitly stated in CVE description, but patches are available in stable kernel trees

Operating Systems: Linux distributions using affected kernel versions

Default Config Vulnerable: ⚠️ Yes

Notes: Only affects systems with ACPI support enabled. Most modern Linux systems have ACPI enabled by default.

📦 What is this software?

Debian Linux by Debian

View all CVEs affecting Debian Linux →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Kernel panic resulting in system crash and denial of service, potentially requiring physical access to restart the system.

🟠

Likely Case

System crash or kernel panic causing temporary denial of service until system reboot.

🟢

If Mitigated

No impact if proper kernel hardening and privilege separation are in place, as this requires kernel-level access.

🌐 Internet-Facing: LOW - This vulnerability requires local access to the system and cannot be exploited remotely over the network.

🏢 Internal Only: MEDIUM - Local users or processes with sufficient privileges could trigger this vulnerability to cause denial of service.

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ✅ No

Complexity: MEDIUM

Exploitation requires local access and ability to trigger specific ACPI processor idle operations. No known public exploits available.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Patched in stable kernel versions referenced in the CVE links

Vendor Advisory: https://git.kernel.org/stable/c/2437513a814b3e93bd02879740a8a06e52e2cf7d

Restart Required: Yes

Instructions:

1. Update to a patched kernel version from your distribution's repositories. 2. Reboot the system to load the new kernel. 3. Verify the kernel version after reboot.

🔧 Temporary Workarounds

Disable ACPI processor idle states

Linux

Temporarily disable ACPI processor idle states to prevent triggering the vulnerable code path

echo 0 > /sys/devices/system/cpu/cpuidle/current_driver

🧯 If You Can't Patch

Implement strict access controls to limit local user privileges
Monitor system logs for kernel panic events and implement automated alerting

🔍 How to Verify

Check if Vulnerable:

Check kernel version against patched versions in your distribution's security advisories

Check Version:

uname -r

Verify Fix Applied:

Verify kernel version after update matches patched version and monitor for system stability

📡 Detection & Monitoring

Log Indicators:

Kernel panic messages in /var/log/kern.log or dmesg output
System crash/reboot events in system logs

Network Indicators:

None - this is a local vulnerability

SIEM Query:

source="kernel" AND ("panic" OR "Oops" OR "NULL pointer dereference")

📊 Metadata

CVE ID: CVE-2022-50327

CVSS v3 Score: 5.5 (MEDIUM)

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE: CWE-476

EPSS Score: 0.02% exploit probability (2.8th percentile)

Published: September 15, 2025

Last Updated: January 16, 2026

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2022-50327, you might also want to check these: