CVE-2022-50085 in Linux
Summary
by MITRE • 06/18/2025
In the Linux kernel, the following vulnerability has been resolved:
dm raid: fix address sanitizer warning in raid_resume
There is a KASAN warning in raid_resume when running the lvm test lvconvert-raid.sh. The reason for the warning is that mddev->raid_disks is greater than rs->raid_disks, so the loop touches one entry beyond the allocated length.
Analysis
by VulDB Data Team • 11/30/2025
The vulnerability CVE-2022-50085 represents a memory access boundary issue within the Linux kernel's device mapper raid subsystem that manifests as a kernel address sanitizer (KASAN) warning. This flaw occurs specifically during the raid_resume function execution when processing LVM raid conversion tests, indicating a potential security risk that could be exploited to gain unauthorized access to kernel memory regions or cause system instability. The issue stems from improper bounds checking in the raid management code where the system attempts to access memory beyond the allocated buffer boundaries.
The technical root cause is a mismatch between two counters within the raid management structures: mddev->raid_disks and rs->raid_disks. When mddev->raid_disks exceeds rs->raid_disks, the loop iterating through the raid array attempts to access one entry beyond the allocated memory length, which is an out-of-bounds array access. This scenario violates fundamental memory safety principles and can lead to unpredictable behavior including kernel panics, data corruption, or potential privilege escalation. The vulnerability is classified under CWE-129 as an "Improper Validation of Array Index" and specifically relates to improper bounds checking in kernel memory management operations.
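The mismatch described above can be reproduced in a small user-space model; this is an added example, not the kernel's source or the upstream patch. Only the two raid_disks counters come from the advisory text; the struct layout and all model_* names are hypothetical.

```c
#include <stdlib.h>

/* User-space model, not kernel source. The two raid_disks counters come from
 * the advisory text; all other names are hypothetical. */
struct model_dev { unsigned long flags; };
struct model_raid_set {
    int raid_disks;          /* rs->raid_disks: entries allocated in dev[] */
    int md_raid_disks;       /* stands in for mddev->raid_disks */
    struct model_dev dev[];  /* flexible array, raid_disks entries long */
};

static struct model_raid_set *model_alloc(int rs_disks, int md_disks)
{
    struct model_raid_set *rs = NULL;
    if (rs_disks >= 0)
        rs = calloc(1, sizeof(*rs) + (size_t)rs_disks * sizeof(rs->dev[0]));
    if (rs) {
        rs->raid_disks = rs_disks;
        rs->md_raid_disks = md_disks;
    }
    return rs;
}

/* Flawed loop bound (md_raid_disks). Each index is checked rather than
 * dereferenced: returns the first index outside dev[], or -1 if none. */
int model_first_oob_index(int rs_disks, int md_disks)
{
    struct model_raid_set *rs = model_alloc(rs_disks, md_disks);
    int i, bad = -1;
    if (!rs) return -2;
    for (i = 0; i < rs->md_raid_disks && bad < 0; i++)
        if (i >= rs->raid_disks)
            bad = i;
    free(rs);
    return bad;
}

/* Corrected loop bound: the allocated length. Returns entries touched. */
int model_resume_bounded(int rs_disks, int md_disks)
{
    struct model_raid_set *rs = model_alloc(rs_disks, md_disks);
    int i;
    if (!rs) return -2;
    for (i = 0; i < rs->raid_disks; i++)
        rs->dev[i].flags |= 1UL;
    free(rs);
    return i;
}
```

With three allocated entries and a loop bound of four, the first function reports index 3, the single entry past the end that KASAN flags in the kernel case.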
The operational impact of this vulnerability extends beyond simple memory corruption as it affects the stability and reliability of Linux systems utilizing device mapper raid functionality. When triggered during lvm test execution, particularly the lvconvert-raid.sh test script, the system may experience unexpected crashes or data integrity issues that could compromise storage operations. This vulnerability could be particularly dangerous in enterprise environments where raid configurations are common and system stability is critical. The attack surface is limited to systems running affected kernel versions that execute the specific LVM raid conversion tests, but the potential for exploitation exists through crafted inputs or by manipulating the raid configuration parameters.
Mitigation strategies should focus on applying the official kernel patch that resolves the bounds checking issue in the raid_resume function by ensuring proper validation of mddev->raid_disks against rs->raid_disks before array access operations. System administrators should prioritize kernel updates to versions containing the fix, as the vulnerability represents a direct threat to kernel memory safety. Additional protective measures include monitoring for KASAN warnings in system logs, implementing proper input validation for raid configuration parameters, and conducting thorough testing of raid operations after patch application. The vulnerability demonstrates the importance of rigorous memory validation in kernel space operations and highlights the need for comprehensive testing of storage subsystems under various operational conditions. Organizations should also consider implementing runtime protections and monitoring systems to detect similar boundary condition issues in other kernel subsystems that may present analogous security risks.