{"id":"CVE-2022-50715","summary":"md/raid1: stop mdx_raid1 thread when raid1 array run failed","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nmd/raid1: stop mdx_raid1 thread when raid1 array run failed\n\nfail run raid1 array when we assemble array with the inactive disk only,\nbut the mdx_raid1 thread were not stop, Even if the associated resources\nhave been released. it will caused a NULL dereference when we do poweroff.\n\nThis causes the following Oops:\n    [  287.587787] BUG: kernel NULL pointer dereference, address: 0000000000000070\n    [  287.594762] #PF: supervisor read access in kernel mode\n    [  287.599912] #PF: error_code(0x0000) - not-present page\n    [  287.605061] PGD 0 P4D 0\n    [  287.607612] Oops: 0000 [#1] SMP NOPTI\n    [  287.611287] CPU: 3 PID: 5265 Comm: md0_raid1 Tainted: G     U            5.10.146 #0\n    [  287.619029] Hardware name: xxxxxxx/To be filled by O.E.M, BIOS 5.19 06/16/2022\n    [  287.626775] RIP: 0010:md_check_recovery+0x57/0x500 [md_mod]\n    [  287.632357] Code: fe 01 00 00 48 83 bb 10 03 00 00 00 74 08 48 89 ......\n    [  287.651118] RSP: 0018:ffffc90000433d78 EFLAGS: 00010202\n    [  287.656347] RAX: 0000000000000000 RBX: ffff888105986800 RCX: 0000000000000000\n    [  287.663491] RDX: ffffc90000433bb0 RSI: 00000000ffffefff RDI: ffff888105986800\n    [  287.670634] RBP: ffffc90000433da0 R08: 0000000000000000 R09: c0000000ffffefff\n    [  287.677771] R10: 0000000000000001 R11: ffffc90000433ba8 R12: ffff888105986800\n    [  287.684907] R13: 0000000000000000 R14: fffffffffffffe00 R15: ffff888100b6b500\n    [  287.692052] FS:  0000000000000000(0000) GS:ffff888277f80000(0000) knlGS:0000000000000000\n    [  287.700149] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n    [  287.705897] CR2: 0000000000000070 CR3: 000000000320a000 CR4: 0000000000350ee0\n    [  287.713033] Call Trace:\n    [  287.715498]  raid1d+0x6c/0xbbb [raid1]\n    [  287.719256]  ? __schedule+0x1ff/0x760\n    [  287.722930]  ? schedule+0x3b/0xb0\n    [  287.726260]  ? schedule_timeout+0x1ed/0x290\n    [  287.730456]  ? __switch_to+0x11f/0x400\n    [  287.734219]  md_thread+0xe9/0x140 [md_mod]\n    [  287.738328]  ? md_thread+0xe9/0x140 [md_mod]\n    [  287.742601]  ? wait_woken+0x80/0x80\n    [  287.746097]  ? md_register_thread+0xe0/0xe0 [md_mod]\n    [  287.751064]  kthread+0x11a/0x140\n    [  287.754300]  ? kthread_park+0x90/0x90\n    [  287.757974]  ret_from_fork+0x1f/0x30\n\nIn fact, when raid1 array run fail, we need to do\nmd_unregister_thread() before raid1_free().","modified":"2026-04-02T08:28:43.186601Z","published":"2025-12-24T12:22:39.763Z","related":["SUSE-SU-2026:0263-1","SUSE-SU-2026:0316-1","SUSE-SU-2026:0317-1","SUSE-SU-2026:0411-1","SUSE-SU-2026:0617-1"],"database_specific":{"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/50xxx/CVE-2022-50715.json","cna_assigner":"Linux"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/0c7c7468c3ae222e297b7dc74d6ccb69c4d0183c"},{"type":"WEB","url":"https://git.kernel.org/stable/c/10d713532ffc67b13df61ed9c138a8ce0a186236"},{"type":"WEB","url":"https://git.kernel.org/stable/c/110f14a7b2eb5b8aa9df5af2d629524f2a07d543"},{"type":"WEB","url":"https://git.kernel.org/stable/c/19d5a0e17aba92b10d895e40ec782768cf00da23"},{"type":"WEB","url":"https://git.kernel.org/stable/c/22be44212cad8be96860346882d8e694b0b437b6"},{"type":"WEB","url":"https://git.kernel.org/stable/c/a3cc41e05e8af340a2a759b168c29fffdb9194eb"},{"type":"WEB","url":"https://git.kernel.org/stable/c/b611ad14006e5be2170d9e8e611bf49dff288911"},{"type":"WEB","url":"https://git.kernel.org/stable/c/d26364596db8f8b55277b2afb3952e05a4057a21"},{"type":"WEB","url":"https://git.kernel.org/stable/c/d684ceb77311410aeaf5189d321f9f564838c49a"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/50xxx/CVE-2022-50715.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-50715"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"5bad5054ecd83c866502f0370edfc9aa55dc9aa7"},{"fixed":"d684ceb77311410aeaf5189d321f9f564838c49a"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"440c3706f1d1835d24ba5b4bbe6515e0a97e886c"},{"fixed":"110f14a7b2eb5b8aa9df5af2d629524f2a07d543"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"f1db75622996af402deea9c018deb8e869ce7548"},{"fixed":"0c7c7468c3ae222e297b7dc74d6ccb69c4d0183c"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"07f1a6850c5d5a65c917c3165692b5179ac4cb6b"},{"fixed":"19d5a0e17aba92b10d895e40ec782768cf00da23"},{"fixed":"10d713532ffc67b13df61ed9c138a8ce0a186236"},{"fixed":"a3cc41e05e8af340a2a759b168c29fffdb9194eb"},{"fixed":"22be44212cad8be96860346882d8e694b0b437b6"},{"fixed":"d26364596db8f8b55277b2afb3952e05a4057a21"},{"fixed":"b611ad14006e5be2170d9e8e611bf49dff288911"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"0"},{"last_affected":"b8c11e01be7f7fcbda697e8cf9aa1f4ec65816f6"},{"last_affected":"18a00f37f418838fbe2036f425a1ea04f93c473c"},{"last_affected":"d6092a9624ce32491e298f6b248b6ab31b2bbc5a"}]}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-50715.json"}},{"package":{"name":"Kernel","ecosystem":"Linux"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.9.337"}]},{"type":"ECOSYSTEM","events":[{"introduced":"4.10.0"},{"fixed":"4.14.303"}]},{"type":"ECOSYSTEM","events":[{"introduced":"4.15.0"},{"fixed":"4.19.270"}]},{"type":"ECOSYSTEM","events":[{"introduced":"4.20.0"},{"fixed":"5.4.229"}]},{"type":"ECOSYSTEM","events":[{"introduced":"5.4.0"},{"fixed":"5.10.163"}]},{"type":"ECOSYSTEM","events":[{"introduced":"5.5.0"},{"fixed":"5.15.86"}]},{"type":"ECOSYSTEM","events":[{"introduced":"5.11.0"},{"fixed":"6.0.16"}]},{"type":"ECOSYSTEM","events":[{"introduced":"5.16.0"},{"fixed":"6.1.2"}]}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-50715.json"}}],"schema_version":"1.7.5"}