CVE-2022-50381
📋 TL;DR
A race condition vulnerability in the Linux kernel's MD (Multiple Devices) subsystem can cause a kernel crash when freeing memory pools. This affects systems using software RAID (md) or LVM with RAID configurations. The vulnerability allows local attackers to trigger a denial of service by causing a kernel panic.
💻 Affected Systems
- Linux kernel
📦 What is this software?
Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →⚠️ Risk & Real-World Impact
Worst Case
Kernel panic leading to system crash and denial of service, potentially causing data corruption or loss in RAID arrays during the crash.
Likely Case
System crash requiring reboot, disrupting services running on affected systems with software RAID configurations.
If Mitigated
No impact if patched or if system doesn't use MD/LVM RAID functionality.
🎯 Exploit Status
Exploitation requires local access and knowledge of triggering the specific race condition during RAID operations. No known public exploits.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Linux kernel with commits 341097ee53573e06ab9fc675d96a052385b851fa and related fixes
Vendor Advisory: https://git.kernel.org/stable/c/341097ee53573e06ab9fc675d96a052385b851fa
Restart Required: Yes
Instructions:
1. Update Linux kernel to version containing the fix. 2. For RHEL/CentOS: yum update kernel. 3. For Ubuntu/Debian: apt update && apt upgrade linux-image. 4. Reboot system to load new kernel.
🔧 Temporary Workarounds
Disable MD/LVM RAID
LinuxIf not using software RAID functionality, disable MD module to prevent vulnerability
echo 'blacklist md_mod' >> /etc/modprobe.d/blacklist.conf
rmmod md_mod
🧯 If You Can't Patch
- Restrict local user access to systems with RAID configurations
- Monitor system logs for kernel panic events related to mempool_free or MD operations
🔍 How to Verify
Check if Vulnerable:
Check kernel version and if MD module is loaded: uname -r && lsmod | grep md_modCheck Version:
uname -rVerify Fix Applied:
Verify kernel version is updated and check dmesg for absence of related crashes after RAID operations📡 Detection & Monitoring
Log Indicators:
- Kernel panic messages in /var/log/messages or dmesg
- NULL pointer dereference errors mentioning mempool_free
- RAID/LVM error messages during operations
Network Indicators:
- None - local vulnerability only
SIEM Query:
event_source="kernel" AND (message="BUG: kernel NULL pointer dereference" OR message="mempool_free" OR message="md: ")🔗 References
- https://git.kernel.org/stable/c/341097ee53573e06ab9fc675d96a052385b851fa
- https://git.kernel.org/stable/c/384ef33d37cefb2ac539d44597d03f06c9b8975c
- https://git.kernel.org/stable/c/732cd66ec19a17f2b9183d7d5b7bdb9c39b0776e
- https://git.kernel.org/stable/c/842f222fc42a9239831e15b1fd49a51c546902cb
- https://git.kernel.org/stable/c/91bd504128a51776472445070e11a3b0f9348c90
- https://git.kernel.org/stable/c/97ce99984be12b9acb49ddce0f5d8ebb037adbb6
- https://git.kernel.org/stable/c/ae7793027766491c5f8635b12d15a5940d3b8698
- https://git.kernel.org/stable/c/b5be563b4356b3089b3245d024cae3f248ba7090
- https://git.kernel.org/stable/c/cf06b162f5b6337b688072a1a47941280b8f7110
