What is CVE-2022-50210?

CVE-2022-50210 is a Medium severity Linux kernel vulnerability with a CVSS score of 5.5 out of 10, affecting Linux kernel versions from 2.6.29 onward and patched in 4.9.326, 4.14.291, 4.19.256 and others. CVE-2022-50210 has not been confirmed as actively exploited and is not listed in the CISA KEV catalog.

What is the CVSS score for CVE-2022-50210?

CVE-2022-50210 has a CVSS score of 5.5 out of 10, rated Medium severity. The vector string is CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H.

Is there a patch available for CVE-2022-50210?

Yes, CVE-2022-50210 has been patched. Fixed versions include 4.9.326, 4.14.291, 4.19.256 and others. If you are running Linux kernel 2.6.29 or later up to the fix versions, apply the relevant patch for your kernel branch.

Is CVE-2022-50210 actively exploited?

CVE-2022-50210 has not been confirmed as actively exploited and is not listed in the CISA KEV catalog.

CVE-2022-50210

Medium

In the Linux kernel, the following vulnerability has been resolved: MIPS: cpuinfo: Fix a warning for CONFIG_CPUMASK_OFFSTACK When CONFIG_CPUMASK_OFFSTACK and CONFIG_DEBUG_PER_CPU_MAPS is selected, cpu_max_bits_warn() generates a runtime warning similar as below while we show /proc/cpuinfo. Fix this by using nr_cpu_ids (the runtime limit) instead of NR_CPUS to iterate CPUs. [ 3.052463] ------------[ cut here ]------------ [ 3.059679] WARNING: CPU: 3 PID: 1 at include/linux/cpumask.h:108 show_cpuinfo+0x5e8/0x5f0 [ 3.070072] Modules linked in: efivarfs autofs4 [ 3.076257] CPU: 0 PID: 1 Comm: systemd Not tainted 5.19-rc5+ #1052 [ 3.084034] Hardware name: Loongson Loongson-3A4000-7A1000-1w-V0.1-CRB/Loongson-LS3A4000-7A1000-1w-EVB-V1.21, BIOS Loongson-UDK2018-V2.0.04082-beta7 04/27 [ 3.099465] Stack : 9000000100157b08 9000000000f18530 9000000000cf846c 9000000100154000 [ 3.109127] 9000000100157a50 0000000000000000 9000000100157a58 9000000000ef7430 [ 3.118774] 90000001001578e8 0000000000000040 0000000000000020 ffffffffffffffff [ 3.128412] 0000000000aaaaaa 1ab25f00eec96a37 900000010021de80 900000000101c890 [ 3.138056] 0000000000000000 0000000000000000 0000000000000000 0000000000aaaaaa [ 3.147711] ffff8000339dc220 0000000000000001 0000000006ab4000 0000000000000000 [ 3.157364] 900000000101c998 0000000000000004 9000000000ef7430 0000000000000000 [ 3.167012] 0000000000000009 000000000000006c 0000000000000000 0000000000000000 [ 3.176641] 9000000000d3de08 9000000001639390 90000000002086d8 00007ffff0080286 [ 3.186260] 00000000000000b0 0000000000000004 0000000000000000 0000000000071c1c [ 3.195868] ... [ 3.199917] Call Trace: [ 3.203941] [<98000000002086d8>] show_stack+0x38/0x14c [ 3.210666] [<9800000000cf846c>] dump_stack_lvl+0x60/0x88 [ 3.217625] [<980000000023d268>] __warn+0xd0/0x100 [ 3.223958] [<9800000000cf3c90>] warn_slowpath_fmt+0x7c/0xcc [ 3.231150] [<9800000000210220>] show_cpuinfo+0x5e8/0x5f0 [ 3.238080] [<98000000004f578c>] seq_read_iter+0x354/0x4b4 [ 3.245098] [<98000000004c2e90>] new_sync_read+0x17c/0x1c4 [ 3.252114] [<98000000004c5174>] vfs_read+0x138/0x1d0 [ 3.258694] [<98000000004c55f8>] ksys_read+0x70/0x100 [ 3.265265] [<9800000000cfde9c>] do_syscall+0x7c/0x94 [ 3.271820] [<9800000000202fe4>] handle_syscall+0xc4/0x160 [ 3.281824] ---[ end trace 8b484262b4b8c24c ]---

Package Linux Kernel

Published 2025-06-18

Last modified 2025-11-19

CVSS version 3.1

Patch available

Yes

CVSS 3.1 score

5.5

out of 10

Medium

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

Low

Integrity

None

Availability

High

Vector string

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected versions

Linux kernel versions 2.6.29 and later are affected. Fixed in 4.9.326, 4.14.291, 4.19.256, 5.4.211, 5.10.137, 5.15.61, 5.18.18, 5.19.2, 6.0 and their respective stable series.

Affected from

≥ 2.6.29

Fixed in

✓ 4.9.326 4.9.x ✓ 4.14.291 4.14.x ✓ 4.19.256 4.19.x ✓ 5.4.211 5.4.x ✓ 5.10.137 5.10.x ✓ 5.15.61 5.15.x ✓ 5.18.18 5.18.x ✓ 5.19.2 5.19.x ✓ 6.0

References

The following references provide additional information about CVE-2022-50210 including vendor advisories, patch commits, exploit details, and third-party analysis. Links are sourced from the NIST NVD database.

Kernel patch commit
https://git.kernel.org/stable/c/274e44e2123417e0924c90d4b4531913b5f3aa2e
Patch
Kernel patch commit
https://git.kernel.org/stable/c/4cb392956ae392aec4aa06e661a0bb9146b0bace
Patch
Kernel patch commit
https://git.kernel.org/stable/c/7d305823e02217b29d41fca67e3cef87fd7bd688
Patch

9 patch commits total View all on NVD

Details

CVE ID CVE-2022-50210

Severity Medium

CVSS score 5.5 / 10

CVSS version 3.1

Published 2025-06-18

Modified 2025-11-19

KEV No

Patch

Yes

Package linux

Frequently asked questions

What is CVE-2022-50210?

CVE-2022-50210 is a Medium severity Linux kernel vulnerability with a CVSS score of 5.5 out of 10 . It affects Linux kernel versions from 2.6.29 onward and has been patched in 4.9.326, 4.14.291, 4.19.256 and others. CVE-2022-50210 has not been confirmed as actively exploited and is not listed in the CISA KEV catalog.
What is the CVSS score for CVE-2022-50210?

CVE-2022-50210 has a CVSS score of 5.5 out of 10, rated Medium severity (CVSS 3.1). The vector string is CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H.
Is there a patch available for CVE-2022-50210?

Yes — CVE-2022-50210 has been patched. Fixed versions include 4.9.326, 4.14.291, 4.19.256 and others. If you are running Linux kernel 2.6.29 or later up to the fix versions, apply the relevant patch for your kernel branch.
Is CVE-2022-50210 actively exploited?

No — CVE-2022-50210 has not been confirmed as actively exploited. It is not listed in the CISA Known Exploited Vulnerabilities (KEV) catalog.