CVE intelligence and bounded remediation
CVE-2022-50406 — Linux Linux Kernel security vulnerability
In the Linux kernel, the following vulnerability has been resolved: iomap: iomap: fix memory corruption when recording errors during writeback Every now and then I see this crash on arm64: Unable to handle kernel NULL pointer dereference at virtual address 00000000000000f8 Buffer I/O error on dev dm-0, logical block 8733687, async page read Mem abort info: ESR = 0x0000000096000006 EC = 0x25: DABT (current EL), IL = 32 bits SET = 0, FnV = 0 EA = 0, S1PTW = 0 FSC = 0x06: level 2 translation fault Data abort info: ISV = 0, ISS = 0x00000006 CM = 0, WnR = 0 user pgtable: 64k pages, 42-bit VAs, pgdp=0000000139750000 [00000000000000f8] pgd=0000000000000000, p4d=0000000000000000, pud=0000000000000000, pmd=0000000000000000 Internal error: Oops: 96000006 [#1] PREEMPT SMP Buffer I/O error on dev dm-0, logical block 8733688, async page read Dumping ftrace buffer: Buffer I/O error on dev dm-0, logical block 8733689, async page read (ftrace buffer empty) XFS (dm-0): log I/O error -5 Modules linked in: dm_thin_pool dm_persistent_data XFS (dm-0): Metadata I/O Error (0x1) detected at xfs_trans_read_buf_map+0x1ec/0x590 [xfs] (fs/xfs/xfs_trans_buf.c:296). dm_bio_prison XFS (dm-0): Please unmount the…
- Severity
- High
- CVSS
- 7.8 (3.1)
- Published
- 2025-09-18
- CISA KEV
- Not currently listed
- Ecosystem
- linux/kernel
- Weaknesses
- CWE-787
Affected products
- linux / linux_kernel
Matched remediation archetype
Buffer bounds, memory safety, and memory corruption
This catalog composition supplies bounded fallback guidance. Explicitly reviewed curated workflows load with the complete record below.
Check exposure
- Identify affected native-code versions, build flags, architectures, parsers, codecs, drivers, and input paths in all shipped artifacts.
- Determine whether untrusted data reaches the affected routine and the process privilege, sandbox, and network exposure.
- Confirm statically linked, vendored, firmware, and platform-provided copies, not only package-manager records.
Remediate safely
- Apply the maintained upstream correction or replace the affected component, then rebuild every dependent artifact from clean inputs.
- Adopt bounds-checked interfaces, validated sizes and integer conversions, clear ownership, and memory-safe components where practical.
- Enable supported compiler and runtime hardening and add sanitized tests and fuzz regression seeds derived from non-weaponized fixtures.
Authoritative sources
Complete CVE record and remediation plan
The detailed catalog view below loads this exact record, its source evidence, and the full seven-phase agentic change plan.