CVE-2022-50731NULL Pointer Dereference in Linux

CWE-476NULL Pointer Dereference7 documents6 sources
Severity
5.5MEDIUM
No vector
EPSS
0.0%
top 89.30%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
LinuxLinux KernelDebian Linux
Timeline
PublishedDec 24

Description

In the Linux kernel, the following vulnerability has been resolved: crypto: akcipher - default implementation for setting a private key Changes from v1: * removed the default implementation from set_pub_key: it is assumed that an implementation must always have this callback defined as there are no use case for an algorithm, which doesn't need a public key Many akcipher implementations (like ECDSA) support only signature verifications, so they don't have all callbacks defined. Commit 78a0324

Affected Packages4 packages

Linuxlinux/linux_kernel5.2.05.4.220+4
Debianlinux/linux_kernel< 5.10.158-1+3
CVEListV5linux/linux78a0324f4a5328088fea9426cfe1d1851276c47595c4e20adc3ea00d1594a2a05d9b187ed12ffa8e+6
debiandebian/linux< linux 6.0.3-1 (bookworm)

🔴Vulnerability Details

3
OSV
crypto: akcipher - default implementation for setting a private key2025-12-24
OSV
CVE-2022-50731: In the Linux kernel, the following vulnerability has been resolved: crypto: akcipher - default implementation for setting a private key Changes from v2025-12-24
GHSA
GHSA-26jg-99jv-7wgw: In the Linux kernel, the following vulnerability has been resolved: crypto: akcipher - default implementation for setting a private key Changes from2025-12-24

📋Vendor Advisories

2
Red Hat
kernel: Linux kernel: Denial of Service in akcipher due to missing set_priv_key stub2025-12-24
Debian
CVE-2022-50731: linux - In the Linux kernel, the following vulnerability has been resolved: crypto: akc...2022

🕵️Threat Intelligence

1
Wiz
CVE-2022-50731 Impact, Exploitability, and Mitigation Steps | Wiz