CVE-2022-50506

MEDIUM EPSS 2.5%
Published Oct 4, 20258mo ago · Modified Jun 17, 20262w ago
5.5 CVSS 3.1
Medium
Find Similar
Published Oct 4, 2025 8mo ago
Last Modified Jun 17, 2026 2w ago

Description

In the Linux kernel, the following vulnerability has been resolved: drbd: only clone bio if we have a backing device Commit c347a787e34cb (drbd: set ->bi_bdev in drbd_req_new) moved a bio_set_dev call (which has since been removed) to "earlier", from drbd_request_prepare to drbd_req_new. The problem is that this accesses device->ldev->backing_bdev, which is not NULL-checked at this point. When we don't have an ldev (i.e. when the DRBD device is diskless), this leads to a null pointer deref. So, only allocate the private_bio if we actually have a disk. This is also a small optimization, since we don't clone the bio to only to immediately free it again in the diskless case.

CVSS Details

Base Score
5.5
Exploitability
1.8
Impact
3.6
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
2.5% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-476 NULL Pointer Dereference Memory Safety

Affected Products 2

VendorProductVersionRange
linuxlinux_kernel*≥5.18  –  <6.0.6
linuxlinux_kernel6.1any

References 2

  • git.kernel.org https://git.kernel.org/stable/c/05580a3bbf3cec677cb00a85dfeb21d6a9b48eaf
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/6d42ddf7f27b6723549ee6d4c8b1b418b59bf6b5
    Patch

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/05580a3bbf3cec677cb00a85dfeb21d6a9b48eaf
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/6d42ddf7f27b6723549ee6d4c8b1b418b59bf6b5
    Patch