Vulnerability Database

319,703

Total vulnerabilities in the database

CVE-2022-50494

In the Linux kernel, the following vulnerability has been resolved:

thermal: intel_powerclamp: Use get_cpu() instead of smp_processor_id() to avoid crash

When CPU 0 is offline and intel_powerclamp is used to inject idle, it generates kernel BUG:

BUG: using smp_processor_id() in preemptible [00000000] code: bash/15687 caller is debug_smp_processor_id+0x17/0x20 CPU: 4 PID: 15687 Comm: bash Not tainted 5.19.0-rc7+ #57 Call Trace: <TASK> dump_stack_lvl+0x49/0x63 dump_stack+0x10/0x16 check_preemption_disabled+0xdd/0xe0 debug_smp_processor_id+0x17/0x20 powerclamp_set_cur_state+0x7f/0xf9 [intel_powerclamp] ... ...

Here CPU 0 is the control CPU by default and changed to the current CPU, if CPU 0 offlined. This check has to be performed under cpus_read_lock(), hence the above warning.

Use get_cpu() instead of smp_processor_id() to avoid this BUG.

[ rjw: Subject edits ]

  • Published: Oct 4, 2025
  • Updated: Jan 24, 2026
  • CVE: CVE-2022-50494
  • Severity: Medium
  • Exploit:

CVSS v3:

  • Severity: Medium
  • Score: 5.5
  • AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

No CWE or OWASP classifications available.

Software From Fixed in
linux / linux_kernel 3.9 4.9.331
linux / linux_kernel 4.10 4.14.296
linux / linux_kernel 4.15 4.19.262
linux / linux_kernel 4.20 5.4.220
linux / linux_kernel 5.5 5.10.150
linux / linux_kernel 5.11 5.15.75
linux / linux_kernel 5.16 5.19.17
linux / linux_kernel 6.0 6.0.3