-

CVE-2022-50087

EPSS 0.04%
Veröffentlicht 18.06.2025 11:02:28
Zuletzt bearbeitet 18.06.2025 13:47:40
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
Teams Watchlist Login
Unerledigt Login

In the Linux kernel, the following vulnerability has been resolved:

firmware: arm_scpi: Ensure scpi_info is not assigned if the probe fails

When scpi probe fails, at any point, we need to ensure that the scpi_info
is not set and will remain NULL until the probe succeeds. If it is not
taken care, then it could result use-after-free as the value is exported
via get_scpi_ops() and could refer to a memory allocated via devm_kzalloc()
but freed when the probe fails.

Betroffene Produkte Warnungen 0 Metriken 1 CWE 0 Referenzen 10

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerLinux

≫

Produkt Linux

Default Statusunaffected

Version < 5aa558232edc30468d1f35108826dd5b3ffe978f

Version 8cb7cf56c9fe5412de238465b27ef35b4d2801aa

Status affected

Version < 18048cba444a7c41dbf42c180d6b46606fc24c51

Version 8cb7cf56c9fe5412de238465b27ef35b4d2801aa

Status affected

Version < 08272646cd7c310642c39b7f54348fddd7987643

Version 8cb7cf56c9fe5412de238465b27ef35b4d2801aa

Status affected

Version < 0c29e149b6bb498778ed8a1c9597b51acfba7856

Version 8cb7cf56c9fe5412de238465b27ef35b4d2801aa

Status affected

Version < 87c4896d5dd7fd9927c814cf3c6289f41de3b562

Version 8cb7cf56c9fe5412de238465b27ef35b4d2801aa

Status affected

Version < 4f2d7b46d6b53c07f44a4f8f8f4438888f0e9e87

Version 8cb7cf56c9fe5412de238465b27ef35b4d2801aa

Status affected

Version < 689640efc0a2c4e07e6f88affe6d42cd40cc3f85

Version 8cb7cf56c9fe5412de238465b27ef35b4d2801aa

Status affected

HerstellerLinux

≫

Produkt Linux

Default Statusaffected

Version 4.4

Status affected

Version < 4.4

Version 0

Status unaffected

Version <= 4.19.*

Version 4.19.256

Status unaffected

Version <= 5.4.*

Version 5.4.211

Status unaffected

Version <= 5.10.*

Version 5.10.137

Status unaffected

Version <= 5.15.*

Version 5.15.61

Status unaffected

Version <= 5.18.*

Version 5.18.18

Status unaffected

Version <= 5.19.*

Version 5.19.2

Status unaffected

Version <= *

Version 6.0

Status unaffected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.04%	0.094

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String

https://git.kernel.org/stable/c/5aa558232edc30468d1f35108826dd5b3ffe978f

https://git.kernel.org/stable/c/18048cba444a7c41dbf42c180d6b46606fc24c51

https://git.kernel.org/stable/c/08272646cd7c310642c39b7f54348fddd7987643

https://git.kernel.org/stable/c/0c29e149b6bb498778ed8a1c9597b51acfba7856

https://git.kernel.org/stable/c/87c4896d5dd7fd9927c814cf3c6289f41de3b562

https://git.kernel.org/stable/c/4f2d7b46d6b53c07f44a4f8f8f4438888f0e9e87

https://git.kernel.org/stable/c/689640efc0a2c4e07e6f88affe6d42cd40cc3f85

https://nvd.nist.gov/vuln/detail/CVE-2022-50087

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2022-50087

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2022-50087

EUVD