5.5

CVE-2022-50327

ACPI: processor: idle: Check acpi_fetch_acpi_dev() return value

In the Linux kernel, the following vulnerability has been resolved:

ACPI: processor: idle: Check acpi_fetch_acpi_dev() return value

The return value of acpi_fetch_acpi_dev() could be NULL, which would
cause a NULL pointer dereference to occur in acpi_device_hid().

[ rjw: Subject and changelog edits, added empty line after if () ]
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 4.8 < 5.4.297
LinuxLinux Kernel Version >= 5.5 < 5.10.241
LinuxLinux Kernel Version >= 5.11 < 5.15.190
LinuxLinux Kernel Version >= 5.16 < 6.0.16
LinuxLinux Kernel Version >= 6.1 < 6.1.2
DebianDebian Linux Version11.0
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.15% 0.041
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-476 NULL Pointer Dereference

The product dereferences a pointer that it expects to be valid but is NULL.

https://git.kernel.org/stable/c/8e8b5f12ee4ab6f5d252c9ca062a4ada9554e6d9
Patch
https://git.kernel.org/stable/c/fdee7a0acc566c4194d40a501b8a1584e86cc208
Patch
https://git.kernel.org/stable/c/ad1190744da9d812da55b76f2afce750afb0a3bd
Patch
https://git.kernel.org/stable/c/2ecd629c788bbfb96be058edade2e934d3763eaf
Patch
https://git.kernel.org/stable/c/b85f0e292f73f353eea915499604fbf50c8238b4
Patch
https://git.kernel.org/stable/c/2437513a814b3e93bd02879740a8a06e52e2cf7d
Patch
https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html
Third Party Advisory