CVE-2022-50475— RDMA/core: Make sure "ib_port" is valid when access sysfs node
Affected Version Matrix 10
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | d8a5883814b9f7c08d7ff291070687d925b4f859< f981c697b2f9bd5dd2f060e47ff8b5e0a2cd0c06 | affected |
d8a5883814b9f7c08d7ff291070687d925b4f859< ac7a7d7079124f46180714b2d41a1703d37101bb | affected | ||
d8a5883814b9f7c08d7ff291070687d925b4f859< cd06d32a71fbb198b2d43dddf794badd80ffd25d | affected | ||
d8a5883814b9f7c08d7ff291070687d925b4f859< 5e15ff29b156bbbdeadae230c8ecd5ecd8ca2477 | affected | ||
5.14 | affected | ||
< 5.14 | unaffected | ||
5.15.86≤ 5.15.* | unaffected | ||
6.0.16≤ 6.0.* | unaffected | ||
| … +2 more rows | |||
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2022-50475
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
RDMA/core: Make sure "ib_port" is valid when access sysfs node
Source: NVD (National Vulnerability Database)
Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Make sure "ib_port" is valid when access sysfs node The "ib_port" structure must be set before adding the sysfs kobject, and reset after removing it, otherwise it may crash when accessing the sysfs node: Unable to handle kernel NULL pointer dereference at virtual address 0000000000000050 Mem abort info: ESR = 0x96000006 Exception class = DABT (current EL), IL = 32 bits SET = 0, FnV = 0 EA = 0, S1PTW = 0 Data abort info: ISV = 0, ISS = 0x00000006 CM = 0, WnR = 0 user pgtable: 4k pages, 48-bit VAs, pgdp = 00000000e85f5ba5 [0000000000000050] pgd=0000000848fd9003, pud=000000085b387003, pmd=0000000000000000 Internal error: Oops: 96000006 [#2] PREEMPT SMP Modules linked in: ib_umad(O) mlx5_ib(O) nfnetlink_cttimeout(E) nfnetlink(E) act_gact(E) cls_flower(E) sch_ingress(E) openvswitch(E) nsh(E) nf_nat_ipv6(E) nf_nat_ipv4(E) nf_conncount(E) nf_nat(E) nf_conntrack(E) nf_defrag_ipv6(E) nf_defrag_ipv4(E) mst_pciconf(O) ipmi_devintf(E) ipmi_msghandler(E) ipmb_dev_int(OE) mlx5_core(O) mlxfw(O) mlxdevm(O) auxiliary(O) ib_uverbs(O) ib_core(O) mlx_compat(O) psample(E) sbsa_gwdt(E) uio_pdrv_genirq(E) uio(E) mlxbf_pmc(OE) mlxbf_gige(OE) mlxbf_tmfifo(OE) gpio_mlxbf2(OE) pwr_mlxbf(OE) mlx_trio(OE) i2c_mlxbf(OE) mlx_bootctl(OE) bluefield_edac(OE) knem(O) ip_tables(E) ipv6(E) crc_ccitt(E) [last unloaded: mst_pci] Process grep (pid: 3372, stack limit = 0x0000000022055c92) CPU: 5 PID: 3372 Comm: grep Tainted: G D OE 4.19.161-mlnx.47.gadcd9e3 #1 Hardware name: https://www.mellanox.com BlueField SoC/BlueField SoC, BIOS BlueField:3.9.2-15-ga2403ab Sep 8 2022 pstate: 40000005 (nZcv daif -PAN -UAO) pc : hw_stat_port_show+0x4c/0x80 [ib_core] lr : port_attr_show+0x40/0x58 [ib_core] sp : ffff000029f43b50 x29: ffff000029f43b50 x28: 0000000019375000 x27: ffff8007b821a540 x26: ffff000029f43e30 x25: 0000000000008000 x24: ffff000000eaa958 x23: 0000000000001000 x22: ffff8007a4ce3000 x21: ffff8007baff8000 x20: ffff8007b9066ac0 x19: ffff8007bae97578 x18: 0000000000000000 x17: 0000000000000000 x16: 0000000000000000 x15: 0000000000000000 x14: 0000000000000000 x13: 0000000000000000 x12: 0000000000000000 x11: 0000000000000000 x10: 0000000000000000 x9 : 0000000000000000 x8 : ffff8007a4ce4000 x7 : 0000000000000000 x6 : 000000000000003f x5 : ffff000000e6a280 x4 : ffff8007a4ce3000 x3 : 0000000000000000 x2 : aaaaaaaaaaaaaaab x1 : ffff8007b9066a10 x0 : ffff8007baff8000 Call trace: hw_stat_port_show+0x4c/0x80 [ib_core] port_attr_show+0x40/0x58 [ib_core] sysfs_kf_seq_show+0x8c/0x150 kernfs_seq_show+0x44/0x50 seq_read+0x1b4/0x45c kernfs_fop_read+0x148/0x1d8 __vfs_read+0x58/0x180 vfs_read+0x94/0x154 ksys_read+0x68/0xd8 __arm64_sys_read+0x28/0x34 el0_svc_common+0x88/0x18c el0_svc_handler+0x78/0x94 el0_svc+0x8/0xe8 Code: f2955562 aa1603e4 aa1503e0 f9405683 (f9402861)
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Linux kernel 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Linux kernel是美国Linux基金会的开源操作系统Linux所使用的内核。 Linux kernel存在安全漏洞,该漏洞源于ib_port结构设置不当,可能导致空指针取消引用。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
II. Public POCs for CVE-2022-50475
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2022-50475
请登录查看更多情报信息。
Same Patch Batch · Linux · 2025-10-04 · 144 CVEs total
| CVE-2025-39946 | 9.8 CRITICAL | tls: make sure to abort the stream if headers are bogus |
| CVE-2022-50491 | coresight: cti: Fix hang in cti_disable_hw() | |
| CVE-2023-53581 | net/mlx5e: Check for NOT_READY flag state after locking | |
| CVE-2023-53580 | USB: Gadget: core: Help prevent panic during UVC unconfigure | |
| CVE-2022-50507 | fs/ntfs3: Validate data run offset | |
| CVE-2022-50508 | wifi: mt76: mt76x0: fix oob access in mt76x0_phy_get_target_power | |
| CVE-2022-50506 | drbd: only clone bio if we have a backing device | |
| CVE-2022-50504 | powerpc/rtas: avoid scheduling in rtas_os_term() | |
| CVE-2022-50505 | iommu/amd: Fix pci device refcount leak in ppr_notifier() | |
| CVE-2022-50503 | mtd: lpddr2_nvm: Fix possible null-ptr-deref | |
| CVE-2022-50501 | media: coda: Add check for dcoda_iram_alloc | |
| CVE-2022-50500 | netdevsim: fix memory leak in nsim_drv_probe() when nsim_dev_resources_register() failed | |
| CVE-2022-50499 | media: dvb-core: Fix double free in dvb_register_device() | |
| CVE-2022-50497 | binfmt_misc: fix shift-out-of-bounds in check_special_flags | |
| CVE-2022-50498 | eth: alx: take rtnl_lock on resume | |
| CVE-2022-50496 | dm cache: Fix UAF in destroy() | |
| CVE-2022-50494 | thermal: intel_powerclamp: Use get_cpu() instead of smp_processor_id() to avoid crash | |
| CVE-2022-50493 | scsi: qla2xxx: Fix crash when I/O abort times out | |
| CVE-2022-50492 | drm/msm: fix use-after-free on probe deferral | |
| CVE-2023-53572 | clk: imx: scu: use _safe list iterator to avoid a use after free |
Showing top 20 of 144 CVEs. View all on vendor page → →
IV. Related Vulnerabilities
Same product: Linux
- CVE-2026-46333
ptrace: slightly saner 'get_dumpable()' logic - CVE-2026-43490
ksmbd: validate inherited ACE SID length - CVE-2026-43489
liveupdate: luo_file: remember retrieve() status - CVE-2026-43487
ata: libata-core: Disable LPM on ST1000DM010-2EP102 - CVE-2026-43488
usb: xhci: Prevent interrupt storm on host controller error
Same vendor: Linux
- CVE-2026-46333
ptrace: slightly saner 'get_dumpable()' logic - CVE-2026-43490
ksmbd: validate inherited ACE SID length - CVE-2026-43489
liveupdate: luo_file: remember retrieve() status - CVE-2026-43487
ata: libata-core: Disable LPM on ST1000DM010-2EP102 - CVE-2026-43488
usb: xhci: Prevent interrupt storm on host controller error
V. Comments for CVE-2022-50475
No comments yet