CVE-2022-50452 – This is a NULL pointer dereference vulnerabilit... (How to Fix)

Q: What is the severity of CVE-2022-50452?

CVE-2022-50452 has a CVSS score of 5.5 (MEDIUM). This is a NULL pointer dereference vulnerability in the Linux kernel's CAKE (Common Applications Kept Enhanced) queuing discipline. When CAKE initialization fails during qdisc setup, subsequent cleanup code attempts to access uninitialized memory, causing a kernel panic. This affects Linux systems using CAKE as the default queuing discipline.

📋 TL;DR

This is a NULL pointer dereference vulnerability in the Linux kernel's CAKE (Common Applications Kept Enhanced) queuing discipline. When CAKE initialization fails during qdisc setup, subsequent cleanup code attempts to access uninitialized memory, causing a kernel panic. This affects Linux systems using CAKE as the default queuing discipline.

💻 Affected Systems

Products:

Linux kernel

Versions: Kernel versions with CAKE qdisc support before the fix commits

Operating Systems: Linux distributions using vulnerable kernel versions

Default Config Vulnerable: ✅ No

Notes: Only vulnerable when CAKE is configured as the default queuing discipline and initialization fails during mqprio_init().

📦 What is this software?

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Kernel panic leading to system crash and denial of service, potentially disrupting network connectivity and system availability.

🟠

Likely Case

System crash or kernel panic when configuring network queuing disciplines, requiring reboot to restore functionality.

🟢

If Mitigated

No impact if CAKE is not used as the default qdisc or if the vulnerable code path is not triggered.

🌐 Internet-Facing: MEDIUM - Could be triggered remotely if an attacker can influence qdisc configuration, but requires specific conditions.

🏢 Internal Only: MEDIUM - Local users or processes with CAP_NET_ADMIN capabilities could trigger the vulnerability.

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ✅ No

Complexity: MEDIUM

Exploitation requires CAP_NET_ADMIN privileges and specific network configuration conditions.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Kernel versions containing commits 154f4c06d9dbec1a14e91286c70b6305810302e0 or later

Vendor Advisory: https://git.kernel.org/stable/c/154f4c06d9dbec1a14e91286c70b6305810302e0

Restart Required: Yes

Instructions:

1. Update Linux kernel to patched version. 2. Reboot system to load new kernel. 3. Verify kernel version with 'uname -r'.

🔧 Temporary Workarounds

Disable CAKE as default qdisc

linux

Change default queuing discipline from CAKE to another qdisc like pfifo_fast

tc qdisc add dev <interface> root pfifo_fast
tc qdisc del dev <interface> root cake

🧯 If You Can't Patch

Avoid using CAKE as the default queuing discipline
Restrict CAP_NET_ADMIN capabilities to trusted users only

🔍 How to Verify

Check if Vulnerable:

Check if CAKE is configured as default qdisc and kernel version is vulnerable: 'tc qdisc show | grep cake' and 'uname -r'

Check Version:

uname -r

Verify Fix Applied:

Verify kernel version is patched: 'uname -r' should show version with fix commits

📡 Detection & Monitoring

Log Indicators:

Kernel panic messages in /var/log/kern.log or dmesg
NULL pointer dereference errors
CAKE-related crash reports

Network Indicators:

Sudden loss of network connectivity on affected interfaces
Qdisc configuration failures

SIEM Query:

kernel: *general protection fault* AND *cake* OR *qdisc* AND *null-ptr-deref*

📊 Metadata

CVE ID: CVE-2022-50452

CVSS v3 Score: 5.5 (MEDIUM)

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE: CWE-476

EPSS Score: 0.02% exploit probability (5.5th percentile)

Published: October 1, 2025

Last Updated: January 16, 2026

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2022-50452, you might also want to check these: