{"id":"CVE-2022-50064","summary":"virtio-blk: Avoid use-after-free on suspend/resume","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nvirtio-blk: Avoid use-after-free on suspend/resume\n\nhctx-\u003euser_data is set to vq in virtblk_init_hctx().  However, vq is\nfreed on suspend and reallocated on resume.  So, hctx-\u003euser_data is\ninvalid after resume, and it will cause use-after-free accessing which\nwill result in the kernel crash something like below:\n\n[   22.428391] Call Trace:\n[   22.428899]  \u003cTASK\u003e\n[   22.429339]  virtqueue_add_split+0x3eb/0x620\n[   22.430035]  ? __blk_mq_alloc_requests+0x17f/0x2d0\n[   22.430789]  ? kvm_clock_get_cycles+0x14/0x30\n[   22.431496]  virtqueue_add_sgs+0xad/0xd0\n[   22.432108]  virtblk_add_req+0xe8/0x150\n[   22.432692]  virtio_queue_rqs+0xeb/0x210\n[   22.433330]  blk_mq_flush_plug_list+0x1b8/0x280\n[   22.434059]  __blk_flush_plug+0xe1/0x140\n[   22.434853]  blk_finish_plug+0x20/0x40\n[   22.435512]  read_pages+0x20a/0x2e0\n[   22.436063]  ? folio_add_lru+0x62/0xa0\n[   22.436652]  page_cache_ra_unbounded+0x112/0x160\n[   22.437365]  filemap_get_pages+0xe1/0x5b0\n[   22.437964]  ? context_to_sid+0x70/0x100\n[   22.438580]  ? sidtab_context_to_sid+0x32/0x400\n[   22.439979]  filemap_read+0xcd/0x3d0\n[   22.440917]  xfs_file_buffered_read+0x4a/0xc0\n[   22.441984]  xfs_file_read_iter+0x65/0xd0\n[   22.442970]  __kernel_read+0x160/0x2e0\n[   22.443921]  bprm_execve+0x21b/0x640\n[   22.444809]  do_execveat_common.isra.0+0x1a8/0x220\n[   22.446008]  __x64_sys_execve+0x2d/0x40\n[   22.446920]  do_syscall_64+0x37/0x90\n[   22.447773]  entry_SYSCALL_64_after_hwframe+0x63/0xcd\n\nThis patch fixes this issue by getting vq from vblk, and removes\nvirtblk_init_hctx().","modified":"2026-04-02T08:28:11.285385Z","published":"2025-06-18T11:02:11.276Z","database_specific":{"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/50xxx/CVE-2022-50064.json","cna_assigner":"Linux"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/2b54e14535bc34bf649372060d518ec9f2b893b3"},{"type":"WEB","url":"https://git.kernel.org/stable/c/8d12ec10292877751ee4463b11a63bd850bc09b5"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/50xxx/CVE-2022-50064.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-50064"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"4e0400525691d0e676dbe002641f9a61261f1e1b"},{"fixed":"2b54e14535bc34bf649372060d518ec9f2b893b3"},{"fixed":"8d12ec10292877751ee4463b11a63bd850bc09b5"}]}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-50064.json"}}],"schema_version":"1.7.5"}