CVE-2022-50227

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2022-50227
In the Linux kernel, the following vulnerability has been resolved: KVM: x86/xen: Initialize Xen timer only once Add a check for existing xen timers before initializing a new one. Currently kvm_xen_init_timer() is called on every KVM_XEN_VCPU_ATTR_TYPE_TIMER, which is causing the following ODEBUG crash when vcpu->arch.xen.timer is already set. ODEBUG: init active (active state 0) object type: hrtimer hint: xen_timer_callbac0 RIP: 0010:debug_print_object+0x16e/0x250 lib/debugobjects.c:502 Call Trace: __debug_object_init debug_hrtimer_init debug_init hrtimer_init kvm_xen_init_timer kvm_xen_vcpu_set_attr kvm_arch_vcpu_ioctl kvm_vcpu_ioctl vfs_ioctl

5.5 /10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://git.kernel.org/stable/c/9a9b5771e930f408c3419799000f76a9abaf2278 Patch
https://git.kernel.org/stable/c/af735db31285fa699384c649be72a9f32ecbb665 Patch
Configurations

Configuration 1 (hide)

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
History

19 Nov 2025, 12:57

Type Values Removed Values Added
First Time Linux
Linux linux Kernel
CVSS v2 : unknown
v3 : unknown 		v2 : unknown
v3 : 5.5
CWE NVD-CWE-noinfo
Summary
  • (es) En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: KVM: x86/xen: Inicializar el temporizador Xen solo una vez. Se ha añadido una comprobación de los temporizadores Xen existentes antes de inicializar uno nuevo. Actualmente, se llama a kvm_xen_init_timer() en cada KVM_XEN_VCPU_ATTR_TYPE_TIMER, lo que provoca el siguiente fallo de ODEBUG cuando vcpu->arch.xen.timer ya está configurado. ODEBUG: init activo (estado activo 0) tipo de objeto: hrtimer sugerencia: xen_timer_callbac0 RIP: 0010:debug_print_object+0x16e/0x250 lib/debugobjects.c:502 Seguimiento de llamadas: __debug_object_init debug_hrtimer_init debug_init hrtimer_init kvm_xen_init_timer kvm_xen_vcpu_set_attr kvm_arch_vcpu_ioctl kvm_vcpu_ioctl vfs_ioctl
References () https://git.kernel.org/stable/c/9a9b5771e930f408c3419799000f76a9abaf2278 - () https://git.kernel.org/stable/c/9a9b5771e930f408c3419799000f76a9abaf2278 - Patch
References () https://git.kernel.org/stable/c/af735db31285fa699384c649be72a9f32ecbb665 - () https://git.kernel.org/stable/c/af735db31285fa699384c649be72a9f32ecbb665 - Patch
CPE cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

18 Jun 2025, 11:15

Type Values Removed Values Added
New CVE
Information

Published : 2025-06-18 11:15

Updated : 2025-11-19 12:57

NVD link : CVE-2022-50227

Mitre link : CVE-2022-50227

CVE.ORG link : CVE-2022-50227

JSON object : View

Products Affected

linux

  • linux_kernel
CWE
NVD-CWE-noinfo