CVE-2022-50527NULL Pointer Dereference in Linux

CWE-476NULL Pointer Dereference6 documents6 sources
Severity
5.5MEDIUMNVD
EPSS
0.0%
top 98.22%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
LinuxLinux KernelDebian Linux
Timeline
PublishedOct 7
Latest updateApr 19

Description

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix size validation for non-exclusive domains (v4) Fix amdgpu_bo_validate_size() to check whether the TTM domain manager for the requested memory exists, else we get a kernel oops when dereferencing "man". v2: Make the patch standalone, i.e. not dependent on local patches. v3: Preserve old behaviour and just check that the manager pointer is not NULL. v4: Complain if GTT domain requested and it is uninitialized--m

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages4 packages

NVDlinux/linux_kernel4.26.0.19+1
Debianlinux/linux_kernel< 6.1.7-1+2
CVEListV5linux/linuxd38ceaf99ed015f2a0b9af3499791bd3a3daae2180546eef216854a7bd47e39e828f04b406c00599+3
debiandebian/linux< linux 6.1.7-1 (bookworm)

Patches

Patch: git.kernel.orgPatch: git.kernel.orgPatch: git.kernel.org

🔴Vulnerability Details

3
VulDB
Linux Kernel up to 6.0.18/6.1.4 amdgpu_bo_validate_size uninitialized pointer (Nessus ID 297090 / WID-SEC-2025-2229)2026-04-19
OSV
CVE-2022-50527: In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix size validation for non-exclusive domains (v4) Fix amdgpu_bo_valid2025-10-07
GHSA
GHSA-crpq-gx68-2jwq: In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix size validation for non-exclusive domains (v4) Fix amdgpu_bo_val2025-10-07

📋Vendor Advisories

2
Red Hat
kernel: drm/amdgpu: Fix size validation for non-exclusive domains (v4)2025-10-07
Debian
CVE-2022-50527: linux - In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu:...2022