1. Home
  2. Vulnerabilities
  3. CVE-2022-50870
0.0
NA
CVE-2022-50870
powerpc/rtas: avoid device tree lookups in rtas_os_term()
Description

In the Linux kernel, the following vulnerability has been resolved: powerpc/rtas: avoid device tree lookups in rtas_os_term() rtas_os_term() is called during panic. Its behavior depends on a couple of conditions in the /rtas node of the device tree, the traversal of which entails locking and local IRQ state changes. If the kernel panics while devtree_lock is held, rtas_os_term() as currently written could hang. Instead of discovering the relevant characteristics at panic time, cache them in file-static variables at boot. Note the lookup for "ibm,extended-os-term" is converted to of_property_read_bool() since it is a boolean property, not an RTAS function token. [mpe: Incorporate suggested change from Nick]

INFO

Published Date :

Dec. 30, 2025, 1:16 p.m.

Last Modified :

Dec. 30, 2025, 1:16 p.m.

Remotely Exploit :

No

Source :

416baaa9-dc9f-4396-8d5f-8c081fb06d67
Affected Products

The following products are affected by CVE-2022-50870 vulnerability. Even if cvefeed.io is aware of the exact versions of the products that are affected, the information is not represented in the table below.

No affected product recoded yet

: Total Affected Vendor : 0 | Products : 0
Solution
Cache device tree characteristics at boot to avoid race conditions during panic.
  • Cache relevant device tree characteristics during boot.
  • Avoid device tree lookups in rtas_os_term during panic.
  • Convert 'ibm,extended-os-term' lookup to of_property_read_bool().
References to Advisories, Solutions, and Tools

Here, you will find a curated list of external links that provide in-depth information, practical solutions, and valuable tools related to CVE-2022-50870.

URL Resource
https://git.kernel.org/stable/c/06a07fbb32b3a23eec20a42b1e64474da0a3b33e
https://git.kernel.org/stable/c/464d10e8d797454e16a173ef1292a446b2adf21c
https://git.kernel.org/stable/c/698e682c849e356fb47a8be47ca8baa817cf31e0
https://git.kernel.org/stable/c/c2fa91abf22a705cf02f886cd99cff41f4ceda60
https://git.kernel.org/stable/c/d8939315b7342860df143afe0adda6212cdd3193
https://git.kernel.org/stable/c/e23822c7381c59d9e42e65771b6e17c71ed30ea7
https://git.kernel.org/stable/c/ed2213bfb192ab51f09f12e9b49b5d482c6493f3
https://git.kernel.org/stable/c/f2167f10fcca68ab9ae3f8d94d2c704c5541ac69
CWE - Common Weakness Enumeration

While CVE identifies specific instances of vulnerabilities, CWE categorizes the common flaws or weaknesses that can lead to vulnerabilities. CVE-2022-50870 is associated with the following CWEs:

Common Attack Pattern Enumeration and Classification (CAPEC)

Common Attack Pattern Enumeration and Classification (CAPEC) stores attack patterns, which are descriptions of the common attributes and approaches employed by adversaries to exploit the CVE-2022-50870 weaknesses.

We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).

Results are limited to the first 15 repositories due to potential performance issues.

The following list is the news that have been mention CVE-2022-50870 vulnerability anywhere in the article.

Results are limited to the first 20 news articles due to potential performance issues.

The following table lists the changes that have been made to the CVE-2022-50870 vulnerability over time.

Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.

  • New CVE Received by 416baaa9-dc9f-4396-8d5f-8c081fb06d67

    Dec. 30, 2025

    Action Type Old Value New Value
    Added Description In the Linux kernel, the following vulnerability has been resolved: powerpc/rtas: avoid device tree lookups in rtas_os_term() rtas_os_term() is called during panic. Its behavior depends on a couple of conditions in the /rtas node of the device tree, the traversal of which entails locking and local IRQ state changes. If the kernel panics while devtree_lock is held, rtas_os_term() as currently written could hang. Instead of discovering the relevant characteristics at panic time, cache them in file-static variables at boot. Note the lookup for "ibm,extended-os-term" is converted to of_property_read_bool() since it is a boolean property, not an RTAS function token. [mpe: Incorporate suggested change from Nick]
    Added Reference https://git.kernel.org/stable/c/06a07fbb32b3a23eec20a42b1e64474da0a3b33e
    Added Reference https://git.kernel.org/stable/c/464d10e8d797454e16a173ef1292a446b2adf21c
    Added Reference https://git.kernel.org/stable/c/698e682c849e356fb47a8be47ca8baa817cf31e0
    Added Reference https://git.kernel.org/stable/c/c2fa91abf22a705cf02f886cd99cff41f4ceda60
    Added Reference https://git.kernel.org/stable/c/d8939315b7342860df143afe0adda6212cdd3193
    Added Reference https://git.kernel.org/stable/c/e23822c7381c59d9e42e65771b6e17c71ed30ea7
    Added Reference https://git.kernel.org/stable/c/ed2213bfb192ab51f09f12e9b49b5d482c6493f3
    Added Reference https://git.kernel.org/stable/c/f2167f10fcca68ab9ae3f8d94d2c704c5541ac69
EPSS is a daily estimate of the probability of exploitation activity being observed over the next 30 days. Following chart shows the EPSS score history of the vulnerability.
Vulnerability Scoring Details
No CVSS metrics available for this vulnerability.