{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2022-50022","assignerOrgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","state":"PUBLISHED","assignerShortName":"Linux","dateReserved":"2025-06-18T10:57:27.394Z","datePublished":"2025-06-18T11:01:25.965Z","dateUpdated":"2026-05-11T19:11:16.308Z"},"containers":{"cna":{"providerMetadata":{"orgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","shortName":"Linux","dateUpdated":"2026-05-11T19:11:16.308Z"},"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\ndrivers:md:fix a potential use-after-free bug\n\nIn line 2884, \"raid5_release_stripe(sh);\" drops the reference to sh and\nmay cause sh to be released. However, sh is subsequently used in lines\n2886 \"if (sh->batch_head && sh != sh->batch_head)\". This may result in an\nuse-after-free bug.\n\nIt can be fixed by moving \"raid5_release_stripe(sh);\" to the bottom of\nthe function."}],"affected":[{"product":"Linux","vendor":"Linux","defaultStatus":"unaffected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["drivers/md/raid5.c"],"versions":[{"version":"59fc630b8b5f9f21c8ce3ba153341c107dce1b0c","lessThan":"7470a4314b239e9a9580f248fdf4c9a92805490e","status":"affected","versionType":"git"},{"version":"59fc630b8b5f9f21c8ce3ba153341c107dce1b0c","lessThan":"09cf99bace7789d91caa8d10fbcfc8b2fb35857f","status":"affected","versionType":"git"},{"version":"59fc630b8b5f9f21c8ce3ba153341c107dce1b0c","lessThan":"e5b3dd2d92c4511e81f6e4ec9c5bb7ad25e03d13","status":"affected","versionType":"git"},{"version":"59fc630b8b5f9f21c8ce3ba153341c107dce1b0c","lessThan":"f5d46f1b47f65da1faf468277b261eb78c8e25b5","status":"affected","versionType":"git"},{"version":"59fc630b8b5f9f21c8ce3ba153341c107dce1b0c","lessThan":"5d8325fd15892c8ab1146edc1d7ed8463de39636","status":"affected","versionType":"git"},{"version":"59fc630b8b5f9f21c8ce3ba153341c107dce1b0c","lessThan":"d9b94c3ace549433de8a93eeb27b0391fc8ac406","status":"affected","versionType":"git"},{"version":"59fc630b8b5f9f21c8ce3ba153341c107dce1b0c","lessThan":"eb3a4f73f43f839df981dda5859e8e075067a360","status":"affected","versionType":"git"},{"version":"59fc630b8b5f9f21c8ce3ba153341c107dce1b0c","lessThan":"104212471b1c1817b311771d817fb692af983173","status":"affected","versionType":"git"}]},{"product":"Linux","vendor":"Linux","defaultStatus":"affected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["drivers/md/raid5.c"],"versions":[{"version":"4.1","status":"affected"},{"version":"0","lessThan":"4.1","status":"unaffected","versionType":"semver"},{"version":"4.9.326","lessThanOrEqual":"4.9.*","status":"unaffected","versionType":"semver"},{"version":"4.14.291","lessThanOrEqual":"4.14.*","status":"unaffected","versionType":"semver"},{"version":"4.19.256","lessThanOrEqual":"4.19.*","status":"unaffected","versionType":"semver"},{"version":"5.4.211","lessThanOrEqual":"5.4.*","status":"unaffected","versionType":"semver"},{"version":"5.10.138","lessThanOrEqual":"5.10.*","status":"unaffected","versionType":"semver"},{"version":"5.15.63","lessThanOrEqual":"5.15.*","status":"unaffected","versionType":"semver"},{"version":"5.19.4","lessThanOrEqual":"5.19.*","status":"unaffected","versionType":"semver"},{"version":"6.0","lessThanOrEqual":"*","status":"unaffected","versionType":"original_commit_for_fix"}]}],"cpeApplicability":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.1","versionEndExcluding":"4.9.326"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.1","versionEndExcluding":"4.14.291"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.1","versionEndExcluding":"4.19.256"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.1","versionEndExcluding":"5.4.211"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.1","versionEndExcluding":"5.10.138"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.1","versionEndExcluding":"5.15.63"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.1","versionEndExcluding":"5.19.4"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.1","versionEndExcluding":"6.0"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/7470a4314b239e9a9580f248fdf4c9a92805490e"},{"url":"https://git.kernel.org/stable/c/09cf99bace7789d91caa8d10fbcfc8b2fb35857f"},{"url":"https://git.kernel.org/stable/c/e5b3dd2d92c4511e81f6e4ec9c5bb7ad25e03d13"},{"url":"https://git.kernel.org/stable/c/f5d46f1b47f65da1faf468277b261eb78c8e25b5"},{"url":"https://git.kernel.org/stable/c/5d8325fd15892c8ab1146edc1d7ed8463de39636"},{"url":"https://git.kernel.org/stable/c/d9b94c3ace549433de8a93eeb27b0391fc8ac406"},{"url":"https://git.kernel.org/stable/c/eb3a4f73f43f839df981dda5859e8e075067a360"},{"url":"https://git.kernel.org/stable/c/104212471b1c1817b311771d817fb692af983173"}],"title":"drivers:md:fix a potential use-after-free bug","x_generator":{"engine":"bippy-1.2.0"}}}}