CVE-2022-50712
Description
In the Linux kernel, the following vulnerability has been resolved:
devlink: hold region lock when flushing snapshots
Netdevsim triggers a splat on reload, when it destroys regions with snapshots pending:
WARNING: CPU: 1 PID: 787 at net/core/devlink.c:6291 devlink_region_snapshot_del+0x12e/0x140
CPU: 1 PID: 787 Comm: devlink Not tainted 6.1.0-07460-g7ae9888d6e1c #580
RIP: 0010:devlink_region_snapshot_del+0x12e/0x140
Call Trace:
 devl_region_destroy+0x70/0x140
 nsim_dev_reload_down+0x2f/0x60 [netdevsim]
 devlink_reload+0x1f7/0x360
 devlink_nl_cmd_reload+0x6ce/0x860
 genl_family_rcv_msg_doit.isra.0+0x145/0x1c0
This is the locking assert in devlink_region_snapshot_del(), we're supposed to be holding the region->snapshot_lock here.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
CVE-2022-50712 is a locking violation in the Linux kernel's devlink subsystem where the region snapshot lock is not held when flushing snapshots, leading to a kernel splat.
Vulnerability Overview
CVE-2022-50712 is a locking issue in the Linux kernel's devlink subsystem, specifically within the devlink_region_snapshot_del() function. The vulnerability occurs because the region's snapshot_lock is not held when flushing snapshots during region destruction, which triggers a kernel splat (WARN_ON) indicating a locking assertion failure [1].
Exploitation Path
The issue is exposed during devlink reload operations. When a netdevsim (or other devlink-compatible driver) performs a reload, it destroys regions that may still have pending snapshots. The function devlink_region_snapshot_del() is called without the required region->snapshot_lock, causing the warning and potentially unstable state. An attacker with local access and sufficient privileges (CAP_NET_ADMIN) could trigger this reload sequence to cause a denial of service (system crash or hang) due to the splat [1].
Impact
Successful exploitation results in a kernel splat, which in a production environment can lead to system instability, crash, or denial of service. The locking violation does not directly provide privilege escalation but can be used to disrupt network device management and system availability [1].
Mitigation
The vulnerability is fixed in the Linux kernel by commit 49383d4e59bb704341aaa1d51440ccce58270e61. Users should update to a kernel version containing this fix. For systems that cannot immediately update, restricting access to devlink operations or limiting reload capabilities may reduce risk, though no official workaround is documented [1].
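The locking contract described above, as an added userspace model (not the kernel's code and not the fix commit's diff). The names `snapshot_lock_held`, `snapshot_add`, `destroy_with_pending` and the `splats` counter are hypothetical, and a plain flag stands in for the kernel mutex and its locking assert.

```c
#include <stdio.h>
#include <stdlib.h>
struct snapshot { struct snapshot *next; unsigned int id; };
struct region {
    int snapshot_lock_held;         /* single-threaded stand-in for snapshot_lock */
    struct snapshot *snapshot_list; /* protected by snapshot_lock */
    unsigned int splats;            /* locking-assert failures observed */
};

/* Models devlink_region_snapshot_del(): caller must hold snapshot_lock. */
static void snapshot_del(struct region *r, struct snapshot *s)
{
    if (!r->snapshot_lock_held) {   /* stand-in for the locking assert */
        r->splats++;
        fprintf(stderr, "WARNING: snapshot %u deleted without lock\n", s->id);
    }
    r->snapshot_list = s->next;     /* callers always pass the list head */
    free(s);
}

static int snapshot_add(struct region *r, unsigned int id)
{
    struct snapshot *s = malloc(sizeof(*s));
    if (!s) return -1;
    s->id = id;
    r->snapshot_lock_held = 1;      /* list updates happen under the lock */
    s->next = r->snapshot_list;
    r->snapshot_list = s;
    r->snapshot_lock_held = 0;
    return 0;
}

/* Region teardown with n pending snapshots; hold_lock=0 is the pre-fix path. */
static unsigned int destroy_with_pending(unsigned int n, int hold_lock)
{
    struct region r = { 0, NULL, 0 };
    for (unsigned int i = 1; i <= n; i++)
        if (snapshot_add(&r, i) != 0) break;
    r.snapshot_lock_held = hold_lock;   /* the fix: lock before flushing */
    while (r.snapshot_list)
        snapshot_del(&r, r.snapshot_list);
    r.snapshot_lock_held = 0;
    return r.splats;
}

int main(void)
{
    printf("pre-fix: %u, fixed: %u\n", destroy_with_pending(3, 0), destroy_with_pending(3, 1));
    return 0;
}
```

With the lock taken around the flush loop the assert never fires; a region with no pending snapshots never reaches the assert at all, so the warning appears only when snapshots are still pending at teardown.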
AI Insight generated on May 19, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products: 1
Patches: 3
49383d4e59bb
6298cab4d80b
b4cafb3d2c74
Vulnerability mechanics
Generated on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References: 3
News mentions: 0