CVE-2022-50467 — NULL Pointer Dereference in Linux

CWE-476 — NULL Pointer Dereference6 documents6 sources

Severity

5.5MEDIUMNVD

EPSS

0.0%

top 98.21%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Linux Linux Kernel Debian Linux +3 more

Timeline

PublishedOct 1

Latest updateOct 14

Description

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix null ndlp ptr dereference in abnormal exit path for GFT_ID An error case exit from lpfc_cmpl_ct_cmd_gft_id() results in a call to lpfc_nlp_put() with a null pointer to a nodelist structure. Changed lpfc_cmpl_ct_cmd_gft_id() to initialize nodelist pointer upon entry.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages7 packages

▶NVDlinux/linux_kernel5.14 — 5.19.17+1

▶Debianlinux/linux_kernel< 6.0.3-1+2

▶CVEListV5linux/linux04c1d9c50ae32d6efd0b71024b3829051821c7a2 — 04e7cd8c85636a329d1a6e5a269a7c8b6f71c41c+3

▶debiandebian/linux< linux 6.0.3-1 (bookworm)

▶msrcmsrc/cbl2_kernel_5.15.186.1-1_on_cbl_mariner_2.0

Patches

Patch: git.kernel.org ↗Patch: git.kernel.org ↗Patch: git.kernel.org ↗

🔴Vulnerability Details

OSV

CVE-2022-50467: In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix null ndlp ptr dereference in abnormal exit path for GFT_ID An erro↗2025-10-01

▶

GHSA

GHSA-vr9f-9rg5-qv8m: In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix null ndlp ptr dereference in abnormal exit path for GFT_ID An er↗2025-10-01

▶

📋Vendor Advisories

Microsoft

scsi: lpfc: Fix null ndlp ptr dereference in abnormal exit path for GFT_ID↗2025-10-14

▶

Red Hat

kernel: scsi: lpfc: Fix null ndlp ptr dereference in abnormal exit path for GFT_ID↗2025-10-01

▶

Debian

CVE-2022-50467: linux - In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc:...↗2022

▶