CVE-2022-50412Expired Pointer Dereference in Linux

CWE-825Expired Pointer Dereference5 documents5 sources
Severity
7.8HIGHNVD
EPSS
0.0%
top 95.52%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
LinuxLinux KernelDebian Linux
Timeline
PublishedSep 18

Description

In the Linux kernel, the following vulnerability has been resolved: drm: bridge: adv7511: unregister cec i2c device after cec adapter cec_unregister_adapter() assumes that the underlying adapter ops are callable. For example, if the CEC adapter currently has a valid physical address, then the unregistration procedure will invalidate the physical address by setting it to f.f.f.f. Whence the following kernel oops observed after removing the adv7511 module: Unable to handle kernel execution of u

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages4 packages

NVDlinux/linux_kernel4.155.10.234+3
Debianlinux/linux_kernel< 5.10.234-1+3
CVEListV5linux/linux3b1b975003e4a3da4b93ab032487a3ae4afca7b53747465c5da7a11957a34bbb9485d9fc253b91cc+5
debiandebian/linux< linux 6.0.3-1 (bookworm)

Patches

Patch: git.kernel.orgPatch: git.kernel.orgPatch: git.kernel.org

🔴Vulnerability Details

2
OSV
CVE-2022-50412: In the Linux kernel, the following vulnerability has been resolved: drm: bridge: adv7511: unregister cec i2c device after cec adapter cec_unregister_a2025-09-18
GHSA
GHSA-wj9m-5hmc-xhpp: In the Linux kernel, the following vulnerability has been resolved: drm: bridge: adv7511: unregister cec i2c device after cec adapter cec_unregister2025-09-18

📋Vendor Advisories

2
Red Hat
kernel: drm: bridge: adv7511: unregister cec i2c device after cec adapter2025-09-18
Debian
CVE-2022-50412: linux - In the Linux kernel, the following vulnerability has been resolved: drm: bridge...2022
CVE-2022-50412 — Expired Pointer Dereference in Linux | cvebase