-

CVE-2022-50087

EPSS 0.04%
Published 18.06.2025 11:02:28
Last modified 18.06.2025 13:47:40
Source 416baaa9-dc9f-4396-8d5f-8c081f
Teams watchlist Login
Open Login

In the Linux kernel, the following vulnerability has been resolved:

firmware: arm_scpi: Ensure scpi_info is not assigned if the probe fails

When scpi probe fails, at any point, we need to ensure that the scpi_info
is not set and will remain NULL until the probe succeeds. If it is not
taken care, then it could result use-after-free as the value is exported
via get_scpi_ops() and could refer to a memory allocated via devm_kzalloc()
but freed when the probe fails.

Affected products Warnungen 0 Metrics 1 CWE 0 References 10

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

This information is available to logged-in users.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

VendorLinux

≫

Product Linux

Default Statusunaffected

Version < 5aa558232edc30468d1f35108826dd5b3ffe978f

Version 8cb7cf56c9fe5412de238465b27ef35b4d2801aa

Status affected

Version < 18048cba444a7c41dbf42c180d6b46606fc24c51

Version 8cb7cf56c9fe5412de238465b27ef35b4d2801aa

Status affected

Version < 08272646cd7c310642c39b7f54348fddd7987643

Version 8cb7cf56c9fe5412de238465b27ef35b4d2801aa

Status affected

Version < 0c29e149b6bb498778ed8a1c9597b51acfba7856

Version 8cb7cf56c9fe5412de238465b27ef35b4d2801aa

Status affected

Version < 87c4896d5dd7fd9927c814cf3c6289f41de3b562

Version 8cb7cf56c9fe5412de238465b27ef35b4d2801aa

Status affected

Version < 4f2d7b46d6b53c07f44a4f8f8f4438888f0e9e87

Version 8cb7cf56c9fe5412de238465b27ef35b4d2801aa

Status affected

Version < 689640efc0a2c4e07e6f88affe6d42cd40cc3f85

Version 8cb7cf56c9fe5412de238465b27ef35b4d2801aa

Status affected

VendorLinux

≫

Product Linux

Default Statusaffected

Version 4.4

Status affected

Version < 4.4

Version 0

Status unaffected

Version <= 4.19.*

Version 4.19.256

Status unaffected

Version <= 5.4.*

Version 5.4.211

Status unaffected

Version <= 5.10.*

Version 5.10.137

Status unaffected

Version <= 5.15.*

Version 5.15.61

Status unaffected

Version <= 5.18.*

Version 5.18.18

Status unaffected

Version <= 5.19.*

Version 5.19.2

Status unaffected

Version <= *

Version 6.0

Status unaffected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.04%	0.094

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string

https://git.kernel.org/stable/c/5aa558232edc30468d1f35108826dd5b3ffe978f

https://git.kernel.org/stable/c/18048cba444a7c41dbf42c180d6b46606fc24c51

https://git.kernel.org/stable/c/08272646cd7c310642c39b7f54348fddd7987643

https://git.kernel.org/stable/c/0c29e149b6bb498778ed8a1c9597b51acfba7856

https://git.kernel.org/stable/c/87c4896d5dd7fd9927c814cf3c6289f41de3b562

https://git.kernel.org/stable/c/4f2d7b46d6b53c07f44a4f8f8f4438888f0e9e87

https://git.kernel.org/stable/c/689640efc0a2c4e07e6f88affe6d42cd40cc3f85

https://nvd.nist.gov/vuln/detail/CVE-2022-50087

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2022-50087

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2022-50087

EUVD