CVE-2022-50819NULL Pointer Dereference in Linux

CWE-476NULL Pointer Dereference7 documents6 sources
Severity
4.9MEDIUM
No vector
EPSS
0.0%
top 92.57%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
LinuxLinux KernelDebian Linux
Timeline
PublishedDec 30

Description

In the Linux kernel, the following vulnerability has been resolved: udmabuf: Set ubuf->sg = NULL if the creation of sg table fails When userspace tries to map the dmabuf and if for some reason (e.g. OOM) the creation of the sg table fails, ubuf->sg needs to be set to NULL. Otherwise, when the userspace subsequently closes the dmabuf fd, we'd try to erroneously free the invalid sg table from release_udmabuf resulting in the following crash reported by syzbot: general protection fault, probably

Affected Packages4 packages

Linuxlinux/linux_kernel5.6.05.10.150+3
Debianlinux/linux_kernel< 5.10.158-1+3
CVEListV5linux/linux284562e1f34874e267d4f499362c3816f8f6bc3fbbe2f6f90310b3a0b5de4e0dc022b36faabfd718+5
debiandebian/linux< linux 6.0.3-1 (bookworm)

🔴Vulnerability Details

3
GHSA
GHSA-9gc9-2wr3-7fvp: In the Linux kernel, the following vulnerability has been resolved: udmabuf: Set ubuf->sg = NULL if the creation of sg table fails When userspace tr2025-12-30
OSV
udmabuf: Set ubuf->sg = NULL if the creation of sg table fails2025-12-30
OSV
CVE-2022-50819: In the Linux kernel, the following vulnerability has been resolved: udmabuf: Set ubuf->sg = NULL if the creation of sg table fails When userspace trie2025-12-30

📋Vendor Advisories

2
Red Hat
kernel: udmabuf: Set ubuf->sg = NULL if the creation of sg table fails2025-12-30
Debian
CVE-2022-50819: linux - In the Linux kernel, the following vulnerability has been resolved: udmabuf: Se...2022

🕵️Threat Intelligence

1
Wiz
CVE-2022-50819 Impact, Exploitability, and Mitigation Steps | Wiz