CVE-2022-50227— KVM: x86/xen: Initialize Xen timer only once

EPSS 0.07% · P22 Updated May 13, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2022-50227

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

KVM: x86/xen: Initialize Xen timer only once

Source: NVD (National Vulnerability Database)

Vulnerability Description

In the Linux kernel, the following vulnerability has been resolved: KVM: x86/xen: Initialize Xen timer only once Add a check for existing xen timers before initializing a new one. Currently kvm_xen_init_timer() is called on every KVM_XEN_VCPU_ATTR_TYPE_TIMER, which is causing the following ODEBUG crash when vcpu->arch.xen.timer is already set. ODEBUG: init active (active state 0) object type: hrtimer hint: xen_timer_callbac0 RIP: 0010:debug_print_object+0x16e/0x250 lib/debugobjects.c:502 Call Trace: __debug_object_init debug_hrtimer_init debug_init hrtimer_init kvm_xen_init_timer kvm_xen_vcpu_set_attr kvm_arch_vcpu_ioctl kvm_vcpu_ioctl vfs_ioctl

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

Linux kernel 安全漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Linux kernel是美国Linux基金会的开源操作系统Linux所使用的内核。 Linux kernel存在安全漏洞，该漏洞源于KVM x86 xen多次初始化定时器，可能导致调试对象冲突。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
Linux	Linux	536395260582be7443b0b35b0bbb89ffe3947f62 ~ 9a9b5771e930f408c3419799000f76a9abaf2278	-
Linux	Linux	5.19	-

II. Public POCs for CVE-2022-50227

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2022-50227

请登录查看更多情报信息。

https://nvd.nist.gov/vuln/detail/CVE-2022-50227

Same Patch Batch · Linux · 2025-06-18 · 362 CVEs total

CVE-2022-50103		sched, cpuset: Fix dl_cpu_busy() panic due to empty cs->cpus_allowed
CVE-2022-50114		net: 9p: fix refcount leak in p9_read_work() error handling
CVE-2022-50113		ASoc: audio-graph-card2: Fix refcount leak bug in __graph_get_type()
CVE-2022-50112		rpmsg: qcom_smd: Fix refcount leak in qcom_smd_parse_edge
CVE-2022-50111		ASoC: mt6359: Fix refcount leak bug
CVE-2022-50110		watchdog: sp5100_tco: Fix a memory leak of EFCH MMIO resource
CVE-2022-50109		video: fbdev: amba-clcd: Fix refcount leak bugs
CVE-2022-50108		mfd: max77620: Fix refcount leak in max77620_initialise_fps
CVE-2022-50106		powerpc/cell/axon_msi: Fix refcount leak in setup_msi_msg_address
CVE-2022-50107		cifs: Fix memory leak when using fscache
CVE-2022-50105		powerpc/spufs: Fix refcount leak in spufs_init_isolated_loader
CVE-2022-50104		powerpc/xive: Fix refcount leak in xive_get_max_prio
CVE-2022-50098		scsi: qla2xxx: Fix crash due to stale SRB access around I/O timeouts
CVE-2022-50093		iommu/vt-d: avoid invalid memory access via node_online(NUMA_NO_NODE)
CVE-2022-50095		posix-cpu-timers: Cleanup CPU timers before freeing them during exec
CVE-2022-50094		spmi: trace: fix stack-out-of-bound access in SPMI tracing functions
CVE-2022-50096		x86/kprobes: Update kcb status flag after singlestepping
CVE-2022-50097		video: fbdev: s3fb: Check the size of screen before memset_io()
CVE-2022-50100		sched/core: Do not requeue task on CPU excluded from cpus_mask
CVE-2022-50102		video: fbdev: arkfb: Fix a divide-by-zero bug in ark_set_pixclock()

Showing top 20 of 362 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: Linux

Same vendor: Linux

V. Comments for CVE-2022-50227

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2022-50227— KVM: x86/xen: Initialize Xen timer only once

I. Basic Information for CVE-2022-50227

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2022-50227

III. Intelligence Information for CVE-2022-50227

Same Patch Batch · Linux · 2025-06-18 · 362 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2022-50227

Leave a comment