CVE-2022-50785 — Linux vulnerability

7 documents6 sources

Severity

5.3MEDIUM

No vector

EPSS

0.0%

top 93.24%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Linux Linux Kernel Debian Linux

Timeline

PublishedDec 30

Description

In the Linux kernel, the following vulnerability has been resolved: fsi: occ: Prevent use after free Use get_device and put_device in the open and close functions to make sure the device doesn't get freed while a file descriptor is open. Also, lock around the freeing of the device buffer and check the buffer before using it in the submit function.

Affected Packages4 packages

▶Linuxlinux/linux_kernel5.16.0 — 5.19.17+1

▶Debianlinux/linux_kernel< 6.0.3-1+2

▶CVEListV5linux/linux008d3825a805557464c5e75f9eb806a3aa2f5e6d — 1d5ad0a874ddfcee9f932f54b1d34cbe8b9ddcfe+3

▶debiandebian/linux< linux 6.0.3-1 (bookworm)

🔴Vulnerability Details

OSV

CVE-2022-50785: In the Linux kernel, the following vulnerability has been resolved: fsi: occ: Prevent use after free Use get_device and put_device in the open and clo↗2025-12-30

▶

OSV

fsi: occ: Prevent use after free↗2025-12-30

▶

GHSA

GHSA-wv6p-qh73-f5xp: In the Linux kernel, the following vulnerability has been resolved: fsi: occ: Prevent use after free Use get_device and put_device in the open and c↗2025-12-30

▶

📋Vendor Advisories

Red Hat

kernel: fsi: occ: Prevent use after free↗2025-12-30

▶

Debian

CVE-2022-50785: linux - In the Linux kernel, the following vulnerability has been resolved: fsi: occ: P...↗2022

▶

🕵️Threat Intelligence

Wiz

CVE-2022-50785 Impact, Exploitability, and Mitigation Steps | Wiz↗

▶