AZL-71197

See a problem?

Import Source

https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-71197.json

JSON Data

https://api.test.osv.dev/v1/vulns/AZL-71197

Upstream

CVE-2022-50266

Published

2025-09-15T15:15:37Z

Modified

2026-04-01T05:18:41.991379Z

Summary

CVE-2022-50266 affecting package kernel 5.15.200.1-1

Details

In the Linux kernel, the following vulnerability has been resolved:

kprobes: Fix check for probe enabled in kill_kprobe()

In killkprobe(), the check whether disarmkprobeftrace() needs to be called always fails. This is because before that we set the KPROBEFLAGGONE flag for kprobe so that "!kprobedisabled(p)" is always false.

The disarmkprobeftrace() call introduced by commit:

0cb2f1372baa ("kprobes: Fix NULL pointer dereference at kprobeftracehandler")

to fix the NULL pointer reference problem. When the probe is enabled, if we do not disarm it, this problem still exists.

Fix it by putting the probe enabled check before setting the KPROBEFLAGGONE flag.

References

https://nvd.nist.gov/vuln/detail/CVE-2022-50266

Affected packages

Azure Linux:2 / kernel

Package

Name: kernel
Purl: pkg:rpm/azure-linux/kernel

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Last affected

5.15.200.1-1

Database specific

source

"https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-71197.json"