Login Sign Up

CVE-2022-50382

5.5 MEDIUM

📋 TL;DR

A race condition in the Linux kernel's padata subsystem can cause a deadlock when processing parallel tasks with bottom halves (BHs) enabled. This vulnerability affects systems using padata for parallel processing, potentially leading to system hangs or denial of service. The issue specifically impacts overloaded systems running certain cryptographic operations.

💻 Affected Systems

Products:
  • Linux kernel
Versions: Kernel versions before the fix commits (specific versions vary by distribution)
Operating Systems: Linux distributions using vulnerable kernel versions
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects systems using padata subsystem, particularly for cryptographic operations via pcrypt. Many standard configurations may not trigger this.

📦 What is this software?

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

⚠️ Risk & Real-World Impact

🔴

Worst Case

System deadlock requiring hard reboot, causing complete denial of service and potential data loss in active operations.

🟠

Likely Case

System hangs or performance degradation under heavy load when padata is processing parallel tasks, particularly affecting cryptographic operations.

🟢

If Mitigated

Minor performance impact or no noticeable effect if system isn't heavily loaded or not using affected padata functionality.

🌐 Internet-Facing: LOW - Requires local access or ability to trigger specific kernel operations; not directly exploitable over network.
🏢 Internal Only: MEDIUM - Local users or processes could potentially trigger the deadlock condition, affecting system stability.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation requires specific conditions: system must be overloaded and using padata parallel processing. Likely requires local access to trigger.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Fixed in kernel commits: 17afa98bccec4f52203508b3f49b5f948c6fd6ac, 34c3a47d20ae55b3600fed733bf96eafe9c500d5, 6cfa9e60c0f88fdec6368e081ab968411cc706b1, 7337adb20fcc0aebb50eaff2bc5a8dd9a7c6743d, 8e0681dd4eee029eb1d533d06993f7cb091efb73

Vendor Advisory: https://git.kernel.org/stable/c/17afa98bccec4f52203508b3f49b5f948c6fd6ac

Restart Required: Yes

Instructions:

1. Update Linux kernel to version containing fix commits. 2. Check distribution-specific security advisories. 3. Reboot system to load new kernel.

🔧 Temporary Workarounds

Disable padata usage

all

Avoid using padata subsystem if possible, particularly for cryptographic operations

# No specific commands - avoid using padata APIs in applications

Limit system load

all

Monitor and limit system load to reduce chance of triggering race condition

# Monitor system load: uptime
# Set process limits: ulimit -u [max_processes]

🧯 If You Can't Patch

  • Monitor system for hangs or performance issues related to cryptographic operations
  • Implement load balancing to prevent system overload conditions

🔍 How to Verify

Check if Vulnerable:

Check kernel version and compare with distribution security advisories. Vulnerable if using kernel before fix commits.

Check Version:

uname -r

Verify Fix Applied:

Verify kernel version includes fix commits. Check system logs for padata-related errors after patch.

📡 Detection & Monitoring

Log Indicators:

  • System hangs
  • Kernel panic messages
  • Processes stuck in D state
  • padata-related kernel messages

Network Indicators:

  • None - local vulnerability only

SIEM Query:

Search for: kernel panic OR system hang OR process state:D AND (padata OR pcrypt)

📊 Metadata

CVE ID: CVE-2022-50382
CVSS v3 Score: 5.5 (MEDIUM)
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE: CWE-667
EPSS Score: 0.01% exploit probability (0.7th percentile)
Published: September 18, 2025
Last Updated: January 14, 2026

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2022-50382, you might also want to check these:

CVE-2020-12658 9.8

CVE-2020-12658 is a critical vulnerability in gssproxy (GSS-API proxy daemon) where improper mutex h...

Same vulnerability type (CWE-667)
CVE-2020-11284 8.4

This vulnerability allows non-secure boot loaders to unlock and modify memory regions that should re...

Same vulnerability type (CWE-667)
CVE-2021-22530 8.2

CVE-2021-22530 is an authentication bypass vulnerability in NetIQ Advanced Authentication that allow...

Same vulnerability type (CWE-667)