CVE-2022-50866 — NULL Pointer Dereference in Linux

CWE-476 — NULL Pointer Dereference7 documents6 sources

Severity

4.5MEDIUM

No vector

EPSS

0.1%

top 79.72%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Linux Linux Kernel Debian Linux

Timeline

PublishedDec 30

Description

In the Linux kernel, the following vulnerability has been resolved: ASoC: pxa: fix null-pointer dereference in filter() kasprintf() would return NULL pointer when kmalloc() fail to allocate. Need to check the return pointer before calling strcmp().

Affected Packages4 packages

▶Linuxlinux/linux_kernel3.6.0 — 4.9.337+7

▶Debianlinux/linux_kernel< 5.10.178-1+3

▶CVEListV5linux/linux7a824e214e25a49442fe868dac0af8a904b24f58 — 3ec75e0ea9550b8f2e531172f2e67ba9d5227ec3+9

▶debiandebian/linux< linux 6.1.4-1 (bookworm)

🔴Vulnerability Details

OSV

CVE-2022-50866: In the Linux kernel, the following vulnerability has been resolved: ASoC: pxa: fix null-pointer dereference in filter() kasprintf() would return NULL↗2025-12-30

▶

OSV

ASoC: pxa: fix null-pointer dereference in filter()↗2025-12-30

▶

GHSA

GHSA-c7hq-p57p-3cg2: In the Linux kernel, the following vulnerability has been resolved: ASoC: pxa: fix null-pointer dereference in filter() kasprintf() would return NUL↗2025-12-30

▶

📋Vendor Advisories

Red Hat

kernel: ASoC: pxa: fix null-pointer dereference in filter()↗2025-12-30

▶

Debian

CVE-2022-50866: linux - In the Linux kernel, the following vulnerability has been resolved: ASoC: pxa: ...↗2022

▶

🕵️Threat Intelligence

Wiz

CVE-2022-50866 Impact, Exploitability, and Mitigation Steps | Wiz↗

▶