5.5

CVE-2022-50236

EPSS 0.01%
Veröffentlicht 15.09.2025 14:01:42
Zuletzt bearbeitet 24.11.2025 17:35:33
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Unerledigt
Login

iommu/mediatek: Fix crash on isr after kexec()

In the Linux kernel, the following vulnerability has been resolved:

iommu/mediatek: Fix crash on isr after kexec()

If the system is rebooted via isr(), the IRQ handler might
be triggered before the domain is initialized. Resulting on
an invalid memory access error.

Fix:
[    0.500930] Unable to handle kernel read from unreadable memory at virtual address 0000000000000070
[    0.501166] Call trace:
[    0.501174]  report_iommu_fault+0x28/0xfc
[    0.501180]  mtk_iommu_isr+0x10c/0x1c0

[ joro: Fixed spelling in commit message ]

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 6

NVD 2 VulnDex Vulnerability Enrichment 11

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Linux ≫ Linux Kernel Version >= 4.6 < 6.0.17

Linux ≫ Linux Kernel Version >= 6.1 < 6.1.3

VulnDex Vulnerability Enrichment

Diese Information steht angemeldeten Benutzern zur Verfügung.

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.01%	0.008

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	5.5	1.8	3.6	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE-908 Use of Uninitialized Resource

The product uses or accesses a resource that has not been initialized.

https://git.kernel.org/stable/c/f13acee780cedb3e06a6dadf64d9104cccd2b9fc

Patch

https://git.kernel.org/stable/c/85cc8a187f2de7a91e2cea522e9406fa12999269

Patch

https://git.kernel.org/stable/c/00ef8885a945c37551547d8ac8361cacd20c4e42

Patch

https://nvd.nist.gov/vuln/detail/CVE-2022-50236

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2022-50236

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2022-50236

EUVD