CVE-2022-50378Use After Free in Linux

CWE-416Use After Free5 documents5 sources
Severity
7.8HIGHNVD
EPSS
0.0%
top 95.24%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
LinuxLinux KernelDebian Linux
Timeline
PublishedSep 18

Description

In the Linux kernel, the following vulnerability has been resolved: drm/meson: reorder driver deinit sequence to fix use-after-free bug Unloading the driver triggers the following KASAN warning: [ +0.006275] ============================================================= [ +0.000029] BUG: KASAN: use-after-free in __list_del_entry_valid+0xe0/0x1a0 [ +0.000026] Read of size 8 at addr ffff000020c395e0 by task rmmod/2695 [ +0.000019] CPU: 5 PID: 2695 Comm: rmmod Tainted: G C O 5.19.0-rc6-lrmbkasan

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages4 packages

NVDlinux/linux_kernel4.105.15.75+2
Debianlinux/linux_kernel< 6.0.3-1+2
CVEListV5linux/linuxbbbe775ec5b5dace43a35886da9924837da09dddd76ff04a72f90767455059c8239b06042cd0ed23+4
debiandebian/linux< linux 6.0.3-1 (bookworm)

Patches

Patch: git.kernel.orgPatch: git.kernel.orgPatch: git.kernel.org

🔴Vulnerability Details

2
OSV
CVE-2022-50378: In the Linux kernel, the following vulnerability has been resolved: drm/meson: reorder driver deinit sequence to fix use-after-free bug Unloading the2025-09-18
GHSA
GHSA-37xw-4ccx-fh4g: In the Linux kernel, the following vulnerability has been resolved: drm/meson: reorder driver deinit sequence to fix use-after-free bug Unloading th2025-09-18

📋Vendor Advisories

2
Red Hat
kernel: drm/meson: reorder driver deinit sequence to fix use-after-free bug2025-09-18
Debian
CVE-2022-50378: linux - In the Linux kernel, the following vulnerability has been resolved: drm/meson: ...2022
CVE-2022-50378 — Use After Free in Linux | cvebase