CVE-2022-50735NULL Pointer Dereference in Linux

CWE-476NULL Pointer Dereference7 documents6 sources
Severity
5.1MEDIUM
No vector
EPSS
0.0%
top 92.73%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
LinuxLinux KernelDebian Linux
Timeline
PublishedDec 24

Description

In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: do not run mt76u_status_worker if the device is not running Fix the following NULL pointer dereference avoiding to run mt76u_status_worker thread if the device is not running yet. KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007] CPU: 0 PID: 98 Comm: kworker/u2:2 Not tainted 5.14.0+ #78 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.12.1-0-ga5cab58e9a3f-prebuilt.qemu.org 04/

Affected Packages4 packages

Linuxlinux/linux_kernel5.11.05.15.86+2
Debianlinux/linux_kernel< 6.1.4-1+2
CVEListV5linux/linux9daf27e62852d68c6ffc2c21090238ea51bb0a7f69346de0eb956fb92949b9473de4647d9c34a54f+4
debiandebian/linux< linux 6.1.4-1 (bookworm)

🔴Vulnerability Details

3
OSV
CVE-2022-50735: In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: do not run mt76u_status_worker if the device is not running Fix the fo2025-12-24
GHSA
GHSA-5594-v4cp-2cvj: In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: do not run mt76u_status_worker if the device is not running Fix the2025-12-24
OSV
wifi: mt76: do not run mt76u_status_worker if the device is not running2025-12-24

📋Vendor Advisories

2
Red Hat
kernel: wifi: mt76: do not run mt76u_status_worker if the device is not running2025-12-24
Debian
CVE-2022-50735: linux - In the Linux kernel, the following vulnerability has been resolved: wifi: mt76:...2022

🕵️Threat Intelligence

1
Wiz
CVE-2022-50735 Impact, Exploitability, and Mitigation Steps | Wiz