CVE-2022-50452NULL Pointer Dereference in Linux

CWE-476NULL Pointer Dereference5 documents5 sources
Severity
5.5MEDIUMNVD
EPSS
0.0%
top 97.11%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
LinuxLinux KernelDebian Linux
Timeline
PublishedOct 1

Description

In the Linux kernel, the following vulnerability has been resolved: net: sched: cake: fix null pointer access issue when cake_init() fails When the default qdisc is cake, if the qdisc of dev_queue fails to be inited during mqprio_init(), cake_reset() is invoked to clear resources. In this case, the tins is NULL, and it will cause gpf issue. The process is as follows: qdisc_create_dflt() cake_init() q->tins = kvcalloc(...) --->failed, q->tins is NULL ... qdisc_put() ... cake_reset() ... cake_d

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages4 packages

NVDlinux/linux_kernel4.194.19.264+5
Debianlinux/linux_kernel< 5.10.158-1+3
CVEListV5linux/linux046f6fd5daefac7f5abdafb436b30f63bc7c602b86aa1390898146f1de277bb6d2a8ed7fc7a43f12+6
debiandebian/linux< linux 6.0.6-1 (bookworm)

Patches

Patch: git.kernel.orgPatch: git.kernel.orgPatch: git.kernel.org

🔴Vulnerability Details

2
OSV
CVE-2022-50452: In the Linux kernel, the following vulnerability has been resolved: net: sched: cake: fix null pointer access issue when cake_init() fails When the de2025-10-01
GHSA
GHSA-x9pv-29h8-5m3m: In the Linux kernel, the following vulnerability has been resolved: net: sched: cake: fix null pointer access issue when cake_init() fails When the2025-10-01

📋Vendor Advisories

2
Red Hat
kernel: net: sched: cake: fix null pointer access issue when cake_init() fails2025-10-01
Debian
CVE-2022-50452: linux - In the Linux kernel, the following vulnerability has been resolved: net: sched:...2022