CVE-2022-50889

high

Description

In the Linux kernel, the following vulnerability has been resolved: dm integrity: Fix UAF in dm_integrity_dtr() Dm_integrity also has the same UAF problem when dm_resume() and dm_destroy() are concurrent. Therefore, cancelling timer again in dm_integrity_dtr().

References

https://git.kernel.org/stable/c/f50cb2cbabd6c4a60add93d72451728f86e4791c

https://git.kernel.org/stable/c/b6c93cd61afab061d80cc842333abca97b289774

https://git.kernel.org/stable/c/a506b5c92757b034034ef683e667bffc456c600b

https://git.kernel.org/stable/c/9f8e1e54a3a424c6c4fb8742e094789d3ec91e42

https://git.kernel.org/stable/c/9215b25f2e105032114e9b92c9783a2a84ee8af9

https://git.kernel.org/stable/c/792e51aac376cfb5bd527c2a30826223b82dd177

Details

Source: Mitre, NVD

Published: 2025-12-30

Updated: 2025-12-31

Risk Information

CVSS v2

Base Score: 2.1

Vector: CVSS2#AV:L/AC:L/Au:N/C:N/I:P/A:N

Severity: Low

CVSS v3

Base Score: 7.1

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

Severity: High

EPSS

EPSS: 0.00024