In the Linux kernel, the following vulnerability has been resolved:
riscv:uprobe fix SR_SPIE set/clear handling
In riscv the process of uprobe going to clear spie before exec
the origin insn,and set spie after that.But When access the page
which origin insn has been placed a page fault may happen and
irq was disabled in arch_uprobe_pre_xol function,It cause a WARN
as follows.
There is no need to clear/set spie in arch_uprobe_pre/post/abort_xol.
We can just remove it.
[ 31.684157] BUG: sleeping function called from invalid context at kernel/locking/rwsem.c:1488
[ 31.684677] in_atomic(): 0, irqs_disabled(): 1, non_block: 0, pid: 76, name: work
[ 31.684929] preempt_count: 0, expected: 0
[ 31.685969] CPU: 2 PID: 76 Comm: work Tainted: G
[ 31.686542] Hardware name: riscv-virtio,qemu (DT)
[ 31.686797] Call Trace:
[ 31.687053] [<ffffffff80006442>] dump_backtrace+0x30/0x38
[ 31.687699] [<ffffffff80812118>] show_stack+0x40/0x4c
[ 31.688141] [<ffffffff8081817a>] dump_stack_lvl+0x44/0x5c
[ 31.688396] [<ffffffff808181aa>] dump_stack+0x18/0x20
[ 31.688653] [<ffffffff8003e454>] __might_resched+0x114/0x122
[ 31.688948] [<ffffffff8003e4b2>] __might_sleep+0x50/0x7a
[ 31.689435] [<ffffffff80822676>] down_read+0x30/0x130
[ 31.689728] [<ffffffff8000b650>] do_page_fault+0x166/x446
[ 31.689997] [<ffffffff80003c0c>] ret_from_exception+0x0/0xc
Security readout for executives and security teams
Plain-English summary
This is a Linux kernel RISC-V bug in uprobe handling. During tracing or instrumentation, a page fault can happen while interrupts are disabled, causing a kernel warning. The sources provide no CVSS, CWE, privilege impact, or exploitation evidence, so urgency depends on whether you run affected RISC-V Linux systems using uprobes.
Executive priority
Prioritize as a targeted Linux RISC-V hygiene fix, not an enterprise-wide emergency from current evidence. Patch affected RISC-V fleets through normal kernel maintenance unless those systems are stability-critical or heavily use tracing instrumentation.
Technical view
On RISC-V, uprobe pre/post/abort XOL handling cleared and restored SR_SPIE. If accessing the original instruction page faults, the kernel enters a sleeping path with IRQs disabled, triggering an invalid-context warning. The upstream fix removes unnecessary SR_SPIE manipulation in arch_uprobe_pre_xol, post_xol, and abort_xol.
Likely exposure
Exposure appears limited to Linux on RISC-V with affected kernel versions or downstream builds carrying the vulnerable uprobe logic. Organizations without RISC-V Linux systems are unlikely to be exposed based on the provided sources.
Exploitation context
The bundle does not cite active exploitation, public exploit code, KEV listing, CVSS, or a demonstrated security impact beyond the kernel warning path. Treat exploitability and attacker requirements as not established from the available evidence.
Researcher notes
The source evidence is narrow: it describes a RISC-V kernel uprobe state-handling bug and upstream stable commits. It does not establish confidentiality, integrity, availability impact, privilege boundary crossing, or exploit prerequisites. Validate by code lineage and backport status rather than relying only on package version labels.
Mitigation direction
Identify RISC-V Linux systems and their exact kernel versions or downstream build revisions.
Update to a kernel or vendor build containing the referenced upstream stable fixes.
If updates are delayed, review vendor guidance for supported temporary operational mitigations.
Track distribution advisories for backports because version strings alone may be misleading.
Validation and detection
Confirm whether deployed kernels include one of the referenced stable commits or equivalent backport.
Compare RISC-V assets against the affected versions listed in the CVE source bundle.
Review kernel logs for the cited invalid-context warning during uprobe or tracing activity.
Verify monitoring tools using uprobes after patching to detect regressions.
Generated from the cited source records. This long-tail analysis has not been individually reviewed by a named human.
Potential ATT&CK relevance
Conservative CVE-to-ATT&CK context
These mappings and lookup hints may be relevant to the vulnerability behavior, CWE, affected product, or exposure path. Glexia-inferred context is not an official MITRE, ATT&CK, CWE, or CVE Program mapping.
ATT&CK lookup starting points
Use these exact CWE pages and searches to review the Glexia ATT&CK library from this CVE's weakness and description context.
cve · low confidence lookup
CVE-2022-50225 mapping review
Open the CVE-to-ATT&CK bridge for reviewed, inferred, or future official mappings tied to this CVE.
These fields come from the CVE record and ADP containers, not from Glexia's Take. They preserve time-varying source decisions such as CISA SSVC, KEV status, CVSS metrics, and provider references.
0CVSS vectors
3Timeline events
0ADP providers
5Source links
Vulnerability timeline
Timeline events are normalized from CVE metadata, CNA source timelines, ADP timelines, and KEV metadata when present.
CVE reservedCVE Program
The CVE ID was reserved by the assigning CNA.
CVE publishedCVE Program
The CVE record was published.
Jun 18, 2025, 11:03 UTC (UTC+00:00)
CVE updatedCVE Program
The CVE record metadata indicates this as the latest update time.