CVE-2022-50712

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2022-50712
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-50712.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2022-50712
Downstream
Published
2025-12-24T12:22:37.676Z
Modified
2025-12-29T09:38:32.140825Z
Summary
devlink: hold region lock when flushing snapshots
Details

In the Linux kernel, the following vulnerability has been resolved:

devlink: hold region lock when flushing snapshots

Netdevsim triggers a splat on reload, when it destroys regions with snapshots pending:

WARNING: CPU: 1 PID: 787 at net/core/devlink.c:6291 devlinkregionsnapshotdel+0x12e/0x140 CPU: 1 PID: 787 Comm: devlink Not tainted 6.1.0-07460-g7ae9888d6e1c #580 RIP: 0010:devlinkregionsnapshotdel+0x12e/0x140 Call Trace: <TASK> devlregiondestroy+0x70/0x140 nsimdevreloaddown+0x2f/0x60 [netdevsim] devlinkreload+0x1f7/0x360 devlinknlcmdreload+0x6ce/0x860 genlfamilyrcvmsg_doit.isra.0+0x145/0x1c0

This is the locking assert in devlinkregionsnapshotdel(), we're supposed to be holding the region->snapshotlock here.

Database specific 
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/50xxx/CVE-2022-50712.json",
    "cna_assigner": "Linux"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
2dec18ad826f52658f7781ee995d236cc449b678
Fixed
49383d4e59bb704341aaa1d51440ccce58270e61
Fixed
6298cab4d80bfdb6fe01fe31fd9f0ba26317fdae
Fixed
b4cafb3d2c740f8d1b1234b43ac4a60e5291c960

Affected versions

v5.*

v5.19

v6.*

v6.0
v6.0-rc1
v6.0-rc2
v6.0-rc3
v6.0-rc4
v6.0-rc5
v6.0-rc6
v6.0-rc7
v6.0.1
v6.0.10
v6.0.11
v6.0.12
v6.0.13
v6.0.14
v6.0.15
v6.0.2
v6.0.3
v6.0.4
v6.0.5
v6.0.6
v6.0.7
v6.0.8
v6.0.9
v6.1
v6.1-rc1
v6.1-rc2
v6.1-rc3
v6.1-rc4
v6.1-rc5
v6.1-rc6
v6.1-rc7
v6.1-rc8
v6.1.1

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-50712.json"

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
6.0.0
Fixed
6.0.16
Type
ECOSYSTEM
Events
Introduced
6.1.0
Fixed
6.1.2

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-50712.json"