CVE-2022-50417 — Use After Free in Linux

CWE-416 — Use After Free5 documents5 sources

Severity

7.8HIGHNVD

EPSS

0.0%

top 95.67%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Linux Linux Kernel Debian Linux

Timeline

PublishedSep 18

Description

In the Linux kernel, the following vulnerability has been resolved: drm/panfrost: Fix GEM handle creation ref-counting panfrost_gem_create_with_handle() previously returned a BO but with the only reference being from the handle, which user space could in theory guess and release, causing a use-after-free. Additionally if the call to panfrost_gem_mapping_get() in panfrost_ioctl_create_bo() failed then a(nother) reference on the BO was dropped. The _create_with_handle() is a problematic pattern…

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages4 packages

▶NVDlinux/linux_kernel5.2 — 5.10.163+4

▶Debianlinux/linux_kernel< 5.10.178-1+3

▶CVEListV5linux/linuxf3ba91228e8e917e5bd6c4b72bfe846933d17370 — 0b70f6ea4d4f2b4d4b291d86ab76b4d07394932c+5

▶debiandebian/linux< linux 6.1.7-1 (bookworm)

Patches

Patch: git.kernel.org ↗Patch: git.kernel.org ↗Patch: git.kernel.org ↗

🔴Vulnerability Details

GHSA

GHSA-pjx4-hm8g-pcg2: In the Linux kernel, the following vulnerability has been resolved: drm/panfrost: Fix GEM handle creation ref-counting panfrost_gem_create_with_hand↗2025-09-18

▶

OSV

CVE-2022-50417: In the Linux kernel, the following vulnerability has been resolved: drm/panfrost: Fix GEM handle creation ref-counting panfrost_gem_create_with_handle↗2025-09-18

▶

📋Vendor Advisories

Red Hat

kernel: drm/panfrost: Fix GEM handle creation ref-counting↗2025-09-18

▶

Debian

CVE-2022-50417: linux - In the Linux kernel, the following vulnerability has been resolved: drm/panfros...↗2022

▶