CVE-2022-50534

5.5 MEDIUM

📋 TL;DR

A race condition in the Linux kernel's device-mapper thin provisioning subsystem can cause a soft lockup when reading corrupted metadata. This vulnerability affects systems using dm-thin pools and can lead to denial of service. The issue occurs when a transaction commit fails, leaving the btree in an inconsistent state.

💻 Affected Systems

Products:
  • Linux kernel
Versions: Kernel versions before the fix commits (specific versions vary by distribution)
Operating Systems: Linux distributions using affected kernel versions
Default Config Vulnerable: ✅ No
Notes: Only affects systems using device-mapper thin provisioning (dm-thin). Not vulnerable if dm-thin is not configured or used.

⚠️ Risk & Real-World Impact

🔴

Worst Case

System soft lockup requiring hard reboot, causing extended downtime and potential data corruption in dm-thin pools.

🟠

Likely Case

Denial of service affecting dm-thin pool operations, potentially impacting storage availability for containers, VMs, or other thin-provisioned storage.

🟢

If Mitigated

Minimal impact if systems are patched or don't use dm-thin pools; read-only mode prevents data corruption.

🌐 Internet-Facing: LOW - This is a local kernel vulnerability requiring access to dm-thin pool operations.
🏢 Internal Only: MEDIUM - Can be triggered by any process with access to dm-thin pool operations, potentially affecting shared storage infrastructure.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Reproducer available in bug report. Requires ability to trigger dm-thin operations and cause transaction commit failures.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Kernel commits: 3db757ffdd87ed8d7118b2250236a496502a660f, 4b710e8481ade7c9200e94d3018e99dc42a0a0e8, 7991dbff6849f67e823b7cc0c15e5a90b0549b9f, 87d69b8824ca9b090f5a8ed47f758e8f6eecb871, 94f01ecc2aa0be992865acc80ebb6701f731f955

Vendor Advisory: https://bugzilla.kernel.org/show_bug.cgi?id=216790

Restart Required: Yes

Instructions:

1. Update Linux kernel to version containing the fix commits. 2. Check distribution-specific security advisories. 3. Reboot system after kernel update.

🔧 Temporary Workarounds

Disable dm-thin pools

linux

Remove or disable device-mapper thin provisioning if not required

dmsetup remove thin-pool-name
modprobe -r dm_thin_pool

Monitor for soft lockups

linux

Implement monitoring for kernel soft lockups and watchdog events

grep -i 'softlockup' /var/log/kern.log
watchdog -t 10 /dev/watchdog

🧯 If You Can't Patch

  • Implement strict access controls to dm-thin pool operations
  • Monitor system logs for soft lockup warnings and transaction failures

🔍 How to Verify

Check if Vulnerable:

Check kernel version and if dm-thin is in use: 'uname -r' and 'lsmod | grep dm_thin_pool'

Check Version:

uname -r

Verify Fix Applied:

Verify kernel version includes fix commits and test dm-thin operations

📡 Detection & Monitoring

Log Indicators:

  • Kernel panic messages with 'softlockup: hung tasks'
  • dm-thin transaction commit failures
  • Watchdog timeout events

Network Indicators:

  • None - local kernel issue

SIEM Query:

source="kernel" AND ("softlockup" OR "hung tasks" OR "dm_thin_pool")

📊 Metadata

CVE ID: CVE-2022-50534
CVSS v3 Score: 5.5 (MEDIUM)
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Published: October 7, 2025
Last Updated: February 5, 2026

🤖 AI-assisted analysis, reviewed for accuracy

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON