CVE-2022-50380
📋 TL;DR
CVE-2022-50380 is a NULL pointer dereference vulnerability in the Linux kernel's /proc/pid/smaps_rollup interface. It allows a local attacker to cause a kernel panic (denial of service) by reading the smaps_rollup file of a process that has no virtual memory areas. All Linux systems running a vulnerable kernel version are affected.
💻 Affected Systems
- Linux kernel
📦 What is this software?
Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
⚠️ Risk & Real-World Impact
Worst Case
Kernel panic leading to system crash and denial of service, potentially causing data loss or service disruption.
Likely Case
Local denial of service through kernel panic, requiring system reboot to recover.
If Mitigated
Minimal impact with proper access controls preventing unauthorized local users from accessing /proc files.
🎯 Exploit Status
Requires local access and ability to read /proc/pid/smaps_rollup files. Exploitation involves triggering the null dereference through specific process states.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Fixed in kernel commits: 33fc9e26b7cb39f0d4219c875a2451802249c225, 6bb8769326c46db3058780c0640dcc49d8187b24, 97898139ca9b81ba9322a585e07490983c53b55a, a50ed2d28727ff605d95fb9a53be8ff94e8eaaf4, c4c84f06285e48f80e9843d0775ad92714ffc35a
Vendor Advisory: https://git.kernel.org/stable/c/33fc9e26b7cb39f0d4219c875a2451802249c225
Restart Required: Yes
Instructions:
1. Update the Linux kernel to a version containing the fix commits.
2. For distributions: use the package manager (apt/yum/dnf) to update the kernel package.
3. Reboot the system to load the new kernel.
🔧 Temporary Workarounds
Restrict /proc access
Limit access to the /proc filesystem to prevent unauthorized users from triggering the vulnerability
mount -o remount,hidepid=2 /proc
chmod 750 /proc
Disable smaps_rollup
Remove read permissions from smaps_rollup files to prevent exploitation
chmod 000 /proc/*/smaps_rollup 2>/dev/null
🧯 If You Can't Patch
- Implement strict access controls to limit which users can read /proc files
- Monitor for kernel panic events and investigate unauthorized /proc access attempts
🔍 How to Verify
Check if Vulnerable:
Check whether the running kernel includes the vulnerable commit 258f669e7e88 but none of the fix commits
Check Version:
uname -r
Verify Fix Applied:
Verify that the running kernel includes one of the fix commits (33fc9e26b7cb39f0d4219c875a2451802249c225 or another commit listed above)
📡 Detection & Monitoring
Log Indicators:
- Kernel panic messages in /var/log/messages or dmesg
- OOM killer activity
- System crash/reboot events
Network Indicators:
- None - local exploitation only
SIEM Query:
source="kernel" AND ("panic" OR "Oops" OR "NULL pointer dereference")
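As an added illustration of the log indicators and SIEM query above (not code from this advisory or from the kernel project), the following Python script scans kernel log lines for the listed crash indicators and flags the case where the same trace also references the smaps_rollup handler. The sample log is constructed, and the frame name show_smaps_rollup is assumed to be what a real trace would show.

```python
import re

# Constructed sample kernel log (not from a real incident). The
# show_smaps_rollup frame is an assumed name for the procfs handler.
SAMPLE_LOG = """\
kernel: BUG: kernel NULL pointer dereference, address: 0000000000000000
kernel: Oops: 0000 [#1] PREEMPT SMP
kernel: CPU: 1 PID: 4242 Comm: cat Not tainted 5.19.0 #1
kernel: RIP: 0010:show_smaps_rollup+0x1a/0x2b0
kernel: Call Trace:
kernel:  seq_read_iter+0x12c/0x4a0
kernel:  vfs_read+0x1f4/0x2c0
kernel: ---[ end trace 0000000000000000 ]---
kernel: Kernel panic - not syncing: Fatal exception
kernel: usb 1-1: new high-speed USB device number 2
"""

# The indicators the advisory lists ("panic", "Oops", "NULL pointer dereference"),
# plus the smaps_rollup frame that ties an Oops to this bug rather than to an
# unrelated crash.
INDICATORS = re.compile(r"NULL pointer dereference|\bOops\b|Kernel panic", re.I)
SMAPS_FRAME = re.compile(r"smaps_rollup")


def scan_kernel_log(text):
    """Summarise crash indicators found in kernel log text.

    Returns a dict with 'events' (list of (line_no, line) for each indicator
    hit), 'smaps_rollup' (True if any line references the smaps_rollup
    handler) and 'suspect' (True only when both conditions hold).
    """
    events = []
    smaps = False
    for n, line in enumerate(text.splitlines(), 1):
        if INDICATORS.search(line):
            events.append((n, line.strip()))
        if SMAPS_FRAME.search(line):
            smaps = True
    return {"events": events, "smaps_rollup": smaps,
            "suspect": bool(events) and smaps}


if __name__ == "__main__":
    result = scan_kernel_log(SAMPLE_LOG)
    for n, line in result["events"]:
        print(f"line {n}: {line}")
    print("smaps_rollup frame present:", result["smaps_rollup"])
    print("suspect CVE-2022-50380 crash:", result["suspect"])
```

On a live host, feed it the output of `dmesg` or the kernel entries from `journalctl -k` instead of the constructed sample.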
🔗 References
- https://git.kernel.org/stable/c/33fc9e26b7cb39f0d4219c875a2451802249c225
- https://git.kernel.org/stable/c/6bb8769326c46db3058780c0640dcc49d8187b24
- https://git.kernel.org/stable/c/97898139ca9b81ba9322a585e07490983c53b55a
- https://git.kernel.org/stable/c/a50ed2d28727ff605d95fb9a53be8ff94e8eaaf4
- https://git.kernel.org/stable/c/c4c84f06285e48f80e9843d0775ad92714ffc35a
- https://git.kernel.org/stable/c/dbe863bce7679c7f5ec0e993d834fe16c5e687b5