CVE-2022-50455Kernel vulnerability

2 documents2 sources
Severity
N/A
No vector
EPSS
No EPSS data
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Linux Kernel
Timeline
PublishedOct 1

Description

In the Linux kernel, the following vulnerability has been resolved: nfs: fix possible null-ptr-deref when parsing param According to commit "vfs: parse: deal with zero length string value", kernel will set the param->string to null pointer in vfs_parse_fs_string() if fs string has zero length. Yet the problem is that, nfs_fs_context_parse_param() will dereferences the param->string, without checking whether it is a null pointer, which may trigger a null-ptr-deref bug. This patch solves it by add

Affected Packages1 packages

Debianlinux/linux_kernel< 6.1.4-1+2

🔴Vulnerability Details

2
OSV
CVE-2022-50455: In the Linux kernel, the following vulnerability has been resolved: nfs: fix possible null-ptr-deref when parsing param According to commit "vfs: pars2025-10-01
GHSA
GHSA-hf6g-m6v3-8gj5: In the Linux kernel, the following vulnerability has been resolved: nfs: fix possible null-ptr-deref when parsing param According to commit "vfs: pa2025-10-01
CVE-2022-50455 — Linux Kernel vulnerability | cvebase