vulnerability
Ubuntu: (CVE-2022-50771): linux vulnerability
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:L/AC:L/Au:S/C:N/I:N/A:C) | Dec 24, 2025 | Jan 6, 2026 | Jan 6, 2026 |
Description
In the Linux kernel, the following vulnerability has been resolved: rcu: Fix __this_cpu_read() lockdep warning in rcu_force_quiescent_state() Running rcutorture with non-zero fqs_duration module parameter in a kernel built with CONFIG_PREEMPTION=y results in the following splat: BUG: using __this_cpu_read() in preemptible [00000000] code: rcu_torture_fqs/398 caller is __this_cpu_preempt_check+0x13/0x20 CPU: 3 PID: 398 Comm: rcu_torture_fqs Not tainted 6.0.0-rc1-yoctodev-standard+ Call Trace: <TASK> dump_stack_lvl+0x5b/0x86 dump_stack+0x10/0x16 check_preemption_disabled+0xe5/0xf0 __this_cpu_preempt_check+0x13/0x20 rcu_force_quiescent_state.part.0+0x1c/0x170 rcu_force_quiescent_state+0x1e/0x30 rcu_torture_fqs+0xca/0x160 ? rcu_torture_boost+0x430/0x430 kthread+0x192/0x1d0 ? kthread_complete_and_exit+0x30/0x30 ret_from_fork+0x22/0x30 </TASK> The problem is that rcu_force_quiescent_state() uses __this_cpu_read() in preemptible code instead of the proper raw_cpu_read(). This commit therefore changes __this_cpu_read() to raw_cpu_read().
Solutions
References
- CVE-2022-50771
- https://attackerkb.com/topics/CVE-2022-50771
- URL-https://git.kernel.org/stable/c/3d92527a919edd1aa381bdd6c299dd75a8167396
- URL-https://git.kernel.org/stable/c/5a52380b8193cf8be6c4a6b94b86ef64ed80c0dc
- URL-https://git.kernel.org/stable/c/80a3e7ab477b3655615fc1627c88c248d4ad28d9
- URL-https://git.kernel.org/stable/c/98a5b1265a36e9d843a51ddd6c9fa02da50d2c57
- URL-https://git.kernel.org/stable/c/a74af9b937707b42c3fd041aae1ed4ce2f337307
- URL-https://git.kernel.org/stable/c/ceb1c8c9b8aa9199da46a0f29d2d5f08d9b44c15
- URL-https://www.cve.org/CVERecord?id=CVE-2022-50771
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.