-

CVE-2022-50245

EPSS 0.04%
Veröffentlicht 15.09.2025 14:02:03
Zuletzt bearbeitet 15.09.2025 15:21:42
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
Teams Watchlist Login
Unerledigt Login

In the Linux kernel, the following vulnerability has been resolved:

rapidio: fix possible UAF when kfifo_alloc() fails

If kfifo_alloc() fails in mport_cdev_open(), goto err_fifo and just free
priv. But priv is still in the chdev->file_list, then list traversal
may cause UAF. This fixes the following smatch warning:

drivers/rapidio/devices/rio_mport_cdev.c:1930 mport_cdev_open() warn: '&priv->list' not removed from list

Betroffene Produkte Warnungen 0 Metriken 1 CWE 0 Referenzen 12

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerLinux

≫

Produkt Linux

Default Statusunaffected

Version < 2a6c75adf8192f07ddcdd4a1a13488c890a73919

Version e8de370188d098bb49483c287b44925957c3c9b6

Status affected

Version < 2dfd60724d271a6ab99f93f40f38f2ced1ddbb87

Version e8de370188d098bb49483c287b44925957c3c9b6

Status affected

Version < a253dde0403a153075ffb254f6f7b2635e49e97a

Version e8de370188d098bb49483c287b44925957c3c9b6

Status affected

Version < 311b488405ac45af46756b1c8f1d27007b68b07e

Version e8de370188d098bb49483c287b44925957c3c9b6

Status affected

Version < 5ee850645e42f541ce1ea8130c2b27cc495f965c

Version e8de370188d098bb49483c287b44925957c3c9b6

Status affected

Version < 2f5cc7fd73fd6253cc71214f0dd499cc62feb469

Version e8de370188d098bb49483c287b44925957c3c9b6

Status affected

Version < 2ba06e57f933f0eac242e8b389433da1cc00d4d5

Version e8de370188d098bb49483c287b44925957c3c9b6

Status affected

Version < cb87af2c19c0993f6e21f75b963a5599c5a73e76

Version e8de370188d098bb49483c287b44925957c3c9b6

Status affected

Version < 02d7d89f816951e0862147d751b1150d67aaebdd

Version e8de370188d098bb49483c287b44925957c3c9b6

Status affected

HerstellerLinux

≫

Produkt Linux

Default Statusaffected

Version 4.6

Status affected

Version < 4.6

Version 0

Status unaffected

Version <= 4.9.*

Version 4.9.337

Status unaffected

Version <= 4.14.*

Version 4.14.303

Status unaffected

Version <= 4.19.*

Version 4.19.270

Status unaffected

Version <= 5.4.*

Version 5.4.229

Status unaffected

Version <= 5.10.*

Version 5.10.163

Status unaffected

Version <= 5.15.*

Version 5.15.86

Status unaffected

Version <= 6.0.*

Version 6.0.16

Status unaffected

Version <= 6.1.*

Version 6.1.2

Status unaffected

Version <= *

Version 6.2

Status unaffected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.04%	0.126

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String

https://git.kernel.org/stable/c/2a6c75adf8192f07ddcdd4a1a13488c890a73919

https://git.kernel.org/stable/c/2dfd60724d271a6ab99f93f40f38f2ced1ddbb87

https://git.kernel.org/stable/c/a253dde0403a153075ffb254f6f7b2635e49e97a

https://git.kernel.org/stable/c/311b488405ac45af46756b1c8f1d27007b68b07e

https://git.kernel.org/stable/c/5ee850645e42f541ce1ea8130c2b27cc495f965c

https://git.kernel.org/stable/c/2f5cc7fd73fd6253cc71214f0dd499cc62feb469

https://git.kernel.org/stable/c/2ba06e57f933f0eac242e8b389433da1cc00d4d5

https://git.kernel.org/stable/c/cb87af2c19c0993f6e21f75b963a5599c5a73e76

https://git.kernel.org/stable/c/02d7d89f816951e0862147d751b1150d67aaebdd

https://nvd.nist.gov/vuln/detail/CVE-2022-50245

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2022-50245

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2022-50245

EUVD