-
CVE-2022-50359
- EPSS 0.04%
- Published 17.09.2025 14:56:11
- Last modified 18.09.2025 13:43:34
- Source 416baaa9-dc9f-4396-8d5f-8c081f
- Teams watchlist Login
- Open Login
In the Linux kernel, the following vulnerability has been resolved: media: cx88: Fix a null-ptr-deref bug in buffer_prepare() When the driver calls cx88_risc_buffer() to prepare the buffer, the function call may fail, resulting in a empty buffer and null-ptr-deref later in buffer_queue(). The following log can reveal it: [ 41.822762] general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] PREEMPT SMP KASAN PTI [ 41.824488] KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007] [ 41.828027] RIP: 0010:buffer_queue+0xc2/0x500 [ 41.836311] Call Trace: [ 41.836945] __enqueue_in_driver+0x141/0x360 [ 41.837262] vb2_start_streaming+0x62/0x4a0 [ 41.838216] vb2_core_streamon+0x1da/0x2c0 [ 41.838516] __vb2_init_fileio+0x981/0xbc0 [ 41.839141] __vb2_perform_fileio+0xbf9/0x1120 [ 41.840072] vb2_fop_read+0x20e/0x400 [ 41.840346] v4l2_read+0x215/0x290 [ 41.840603] vfs_read+0x162/0x4c0 Fix this by checking the return value of cx88_risc_buffer() [hverkuil: fix coding style issues]
Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD
This information is available to logged-in users. Login
Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).
VendorLinux
≫
Product
Linux
Default Statusunaffected
Version <
c76d04d2079a4b7369ce9a0e859c0f3f2250bcc1
Version
1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
Status
affected
Version <
10c99d1c46ea9cd940029e17bab11d021f315c21
Version
1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
Status
affected
Version <
4befc7ffa18ef9a4b70d854465313a345a06862f
Version
1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
Status
affected
Version <
9181af2dbf06e7f432e5dbe88d10b22343e851b9
Version
1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
Status
affected
Version <
c2257c8a501537afab276c306cb717b7260276e1
Version
1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
Status
affected
Version <
6f21976095c1e92454ab030976f95f40d652351b
Version
1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
Status
affected
Version <
704838040f3bdb4aa07ff4f26505a666a3defcfe
Version
1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
Status
affected
Version <
644d5a87ab1863eb606526ea743021752a17e9cb
Version
1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
Status
affected
Version <
2b064d91440b33fba5b452f2d1b31f13ae911d71
Version
1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
Status
affected
VendorLinux
≫
Product
Linux
Default Statusaffected
Version <=
4.9.*
Version
4.9.331
Status
unaffected
Version <=
4.14.*
Version
4.14.296
Status
unaffected
Version <=
4.19.*
Version
4.19.262
Status
unaffected
Version <=
5.4.*
Version
5.4.220
Status
unaffected
Version <=
5.10.*
Version
5.10.150
Status
unaffected
Version <=
5.15.*
Version
5.15.75
Status
unaffected
Version <=
5.19.*
Version
5.19.17
Status
unaffected
Version <=
6.0.*
Version
6.0.3
Status
unaffected
Version <=
*
Version
6.1
Status
unaffected
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.04% | 0.127 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|