CVE-2022-50227
MEDIUM EPSS 5.9%
Published Jun 18, 20251y ago · Modified Jun 17, 20261w ago
5.5 CVSS 3.1
Published Jun 18, 2025 1y ago
Last Modified Jun 17, 2026 1w ago
Description
In the Linux kernel, the following vulnerability has been resolved: KVM: x86/xen: Initialize Xen timer only once Add a check for existing xen timers before initializing a new one. Currently kvm_xen_init_timer() is called on every KVM_XEN_VCPU_ATTR_TYPE_TIMER, which is causing the following ODEBUG crash when vcpu->arch.xen.timer is already set. ODEBUG: init active (active state 0) object type: hrtimer hint: xen_timer_callbac0 RIP: 0010:debug_print_object+0x16e/0x250 lib/debugobjects.c:502 Call Trace: __debug_object_init debug_hrtimer_init debug_init hrtimer_init kvm_xen_init_timer kvm_xen_vcpu_set_attr kvm_arch_vcpu_ioctl kvm_vcpu_ioctl vfs_ioctl
CVSS Details
Base Score
Exploitability
Impact
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High
Threat Intelligence
EPSS Exploit Probability
5.9% percentile
Exploit & Patch Status
No Known Exploit
Patch Available
Affected Products 1
| Vendor | Product | Version | Range |
|---|---|---|---|
| linux | linux_kernel | * | ≥5.19 – <5.19.2 |
References 2
- git.kernel.org https://git.kernel.org/stable/c/9a9b5771e930f408c3419799000f76a9abaf2278
- git.kernel.org https://git.kernel.org/stable/c/af735db31285fa699384c649be72a9f32ecbb665
Remediation
- git.kernel.org https://git.kernel.org/stable/c/9a9b5771e930f408c3419799000f76a9abaf2278
- git.kernel.org https://git.kernel.org/stable/c/af735db31285fa699384c649be72a9f32ecbb665