CVE-2022-50415
📋 TL;DR
A NULL pointer dereference vulnerability in the Linux kernel's parisc LED driver could cause kernel panic or system crash when the create_singlethread_workqueue() function fails to allocate memory. This affects Linux systems running on PA-RISC architecture with the LED driver enabled. The vulnerability requires local access to trigger.
💻 Affected Systems
- Linux Kernel
📦 What is this software?
Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →⚠️ Risk & Real-World Impact
Worst Case
Kernel panic leading to system crash and denial of service, potentially causing data loss or service disruption.
Likely Case
System crash or kernel panic when memory allocation fails under specific conditions, resulting in temporary denial of service.
If Mitigated
Minimal impact as the system would need to be under memory pressure and have the specific driver enabled.
🎯 Exploit Status
Requires local access and specific conditions where memory allocation fails. Not trivial to exploit reliably.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Fixed in stable kernel releases containing commits: 3505c187b861, 41f563ab3c33, 5e4500454d75, 67c98fec87ed, 77f8b628affa
Vendor Advisory: https://git.kernel.org/stable/c/3505c187b86136250b39e62c72a3a70435277af6
Restart Required: Yes
Instructions:
1. Update to a patched Linux kernel version from your distribution vendor. 2. Reboot the system to load the new kernel. 3. Verify the fix is applied by checking kernel version.
🔧 Temporary Workarounds
Disable parisc LED driver
PA-RISC Linux systemsRemove or disable the vulnerable driver module if not needed
rmmod led
modprobe -r led
blacklist the led module in /etc/modprobe.d/
🧯 If You Can't Patch
- Ensure adequate system memory to reduce likelihood of allocation failure
- Restrict local user access to prevent potential exploitation
🔍 How to Verify
Check if Vulnerable:
Check if running on PA-RISC architecture and if LED driver is loaded: 'uname -m' and 'lsmod | grep led'Check Version:
uname -rVerify Fix Applied:
Check kernel version against patched releases and verify LED driver functions normally📡 Detection & Monitoring
Log Indicators:
- Kernel panic messages
- NULL pointer dereference errors in kernel logs
- System crash/reboot events
Network Indicators:
- None - local vulnerability only
SIEM Query:
source="kernel" AND ("NULL pointer dereference" OR "kernel panic" OR "led: start_task")🔗 References
- https://git.kernel.org/stable/c/3505c187b86136250b39e62c72a3a70435277af6
- https://git.kernel.org/stable/c/41f563ab3c33698bdfc3403c7c2e6c94e73681e4
- https://git.kernel.org/stable/c/5e4500454d75dd249be4695d83afa3ba0724c37e
- https://git.kernel.org/stable/c/67c98fec87ed76b1feb2ae810051afd88dfa9df6
- https://git.kernel.org/stable/c/77f8b628affaec692d83ad8bfa3520db8a0cc493
- https://git.kernel.org/stable/c/ac838c663ba1fd6bff35a817fd89a47ab55e88e0
- https://git.kernel.org/stable/c/c6db0c32f39684c89c97bc1ba1c9c4249ca09e48
- https://git.kernel.org/stable/c/fc307b2905a3dd75c50a53b4d87ac9c912fb7c4e
- https://git.kernel.org/stable/c/fc6d0f65f22040c6cc8a5ce032bf90252629de50
