#VU115815 Race condition within a thread in Linux kernel - CVE-2022-50362
Published: September 18, 2025 / Updated: September 22, 2025
Vulnerability identifier: #VU115815
Vulnerability risk: Low
CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2022-50362
CWE-ID: CWE-366
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vulnerable software:
Linux kernel
Linux kernel
Software vendor:
Linux Foundation
Linux Foundation
Description
The vulnerability allows a local user to corrupt data.
The vulnerability exists due to a data race within the hisi_dma_start_transfer(), hisi_dma_issue_pending() and hisi_dma_irq() functions in drivers/dma/hisi_dma.c. A local user can corrupt data.
Remediation
Install update from vendor's repository.
External links
- https://git.kernel.org/stable/c/2cbb95883c990d0002a77e13d3278913ab26ad79
- https://git.kernel.org/stable/c/7cb9b20941e1fb20d22d0a2f460a3d4fa417274c
- https://git.kernel.org/stable/c/af12e209a9d559394d35875ba0e6c80407605888
- https://git.kernel.org/stable/c/d4a8ec5cc7ff5d442bd49a44f26d74b2021ba4c8
- https://git.kernel.org/stable/c/f4cee0b385cd0348e071d4d80c4c13cfe547c70d
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.0.3