CVE-2022-50148

low-risk

Published 2025-06-18

In the Linux kernel, the following vulnerability has been resolved: kernfs: fix potential NULL dereference in __kernfs_remove When lockdep is enabled, lockdep_assert_held_write would cause potential NULL pointer dereference. Fix the following smatch warnings: fs/kernfs/dir.c:1353 __kernfs_remove() warn: variable dereferenced before check 'kn' (see line 1346)

Do I need to act?

0.02% chance of exploitation

EPSS score — low exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 5.5/10 Medium

LOCAL / LOW complexity

Affected Products (1)

Linux Kernel

Affected Vendors

Linux

References (3)

Patch https://git.kernel.org/stable/c/4a9f35b8729c5bf13ea671c908c17ed74c48fc50

Patch https://git.kernel.org/stable/c/72b5d5aef246a0387cefa23121dd90901c7a691a

Patch https://git.kernel.org/stable/c/b871986d9d3071f5082664ac274d93f08db257cd

/ 100

low-risk

Severity 18/34 · Moderate

Exploitability 0/34 · Minimal

Exposure 5/34 · Minimal