Description

In the Linux kernel, the following vulnerability has been resolved: block, bfq: fix uaf for bfqq in bfq_exit_icq_bfqq Commit 64dc8c732f5c ("block, bfq: fix possible uaf for 'bfqq->bic'") will access 'bic->bfqq' in bic_set_bfqq(), however, bfq_exit_icq_bfqq() can free bfqq first, and then call bic_set_bfqq(), which will cause uaf. Fix the problem by moving bfq_exit_bfqq() behind bic_set_bfqq().

INFO

Published Date :

2025-09-15T14:49:32.123Z

Last Modified :

2025-09-15T14:49:32.123Z

Source :

Linux
AFFECTED PRODUCTS

The following products are affected by CVE-2022-50329 vulnerability.

Vendors Products
Linux
  • Linux Kernel
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2022-50329.

URL Resource
https://git.kernel.org/stable/c/1425f1bb5df5239021fd09ebc2a5e8070e705d36 cve-icon cve-icon
https://git.kernel.org/stable/c/1ed959fef5b1c6f1a7a3fbea543698c30ebd6678 cve-icon cve-icon
https://git.kernel.org/stable/c/246cf66e300b76099b5dbd3fdd39e9a5dbc53f02 cve-icon cve-icon
https://git.kernel.org/stable/c/7949b0df3dd9f4817ed4a4e989fa9ee81df6205f cve-icon cve-icon
https://git.kernel.org/stable/c/cfe5b38c37720313eff0dec5517442c7ab3c9a20 cve-icon cve-icon
https://lore.kernel.org/linux-cve-announce/2025091554-CVE-2022-50329-58ac@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2022-50329 cve-icon
https://www.cve.org/CVERecord?id=CVE-2022-50329 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact