#VU115443 NULL pointer dereference in Linux kernel - CVE-2022-50280
Published: September 16, 2025 / Updated: September 22, 2025
Vulnerability identifier: #VU115443
Vulnerability risk: Low
CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2022-50280
CWE-ID: CWE-476
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vulnerable software:
Linux kernel
Linux kernel
Software vendor:
Linux Foundation
Linux Foundation
Description
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the propagate_one() function in fs/pnode.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's repository.
External links
- https://git.kernel.org/stable/c/11933cf1d91d57da9e5c53822a540bbdc2656c16
- https://git.kernel.org/stable/c/2dae4211b579ce98985876a73a78466e285238ff
- https://git.kernel.org/stable/c/784a4f995ee24460aa72e00b085612fad57ebce5
- https://git.kernel.org/stable/c/7f57df69de7f05302fad584eb8e3f34de39e0311
- https://git.kernel.org/stable/c/b591b2919d018ef91b4a9571edca94105bcad3df
- https://git.kernel.org/stable/c/c24cc476acd8bccb5af54849aac5e779d8223bf5
- https://git.kernel.org/stable/c/cad0d17fb2b0540180ab59e2cd48ad348cc1ee4c
- https://git.kernel.org/stable/c/cc997490be65da0af8c75a6244fc80bb66c53ce0
- https://git.kernel.org/stable/c/e7c9f10c44a8919cd8bbd51b228c84d0caf7d518
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.0.17