CVE-2022-50453: NULL Pointer Dereference in Linux

Severity: 5.5 MEDIUM (NVD)
EPSS: 0.0% (top 97.14%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline: Published Oct 1

Description

In the Linux kernel, the following vulnerability has been resolved:

gpiolib: cdev: fix NULL-pointer dereferences

There are several places where we can crash the kernel by requesting lines, unbinding the GPIO device, then calling any of the system calls relevant to the GPIO character device's anonymous file descriptors: ioctl(), read(), poll().

While I observed it with the GPIO simulator, it will also happen for any of the GPIO devices that can be hot-unplugged - for instance any HID GPIO exp

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Exploitability: 1.8 | Impact: 3.6

Affected Packages (4 packages)

NVD | linux/linux_kernel | 4.8 | 5.10.163 | +3
Debian | linux/linux_kernel | < 5.10.178-1 | +3
CVEListV5 | linux/linux | d7c51b47ac11e66f547b55640405c1c474642d72 | 6d79546622baab843172b52c3af035f83c1b21df | +5
debian | debian/linux | < linux 6.1.4-1 (bookworm)

Patches

Vulnerability Details (2)

GHSA
GHSA-c44q-mxrg-grc2: In the Linux kernel, the following vulnerability has been resolved: gpiolib: cdev: fix NULL-pointer dereferences There are several places where we c | 2025-10-01
OSV
CVE-2022-50453: In the Linux kernel, the following vulnerability has been resolved: gpiolib: cdev: fix NULL-pointer dereferences There are several places where we can | 2025-10-01

Vendor Advisories (2)

Red Hat
kernel: gpiolib: cdev: fix NULL-pointer dereferences | 2025-10-01
Debian
CVE-2022-50453: linux - In the Linux kernel, the following vulnerability has been resolved: gpiolib: cd... | 2022