-

CVE-2022-50384

EPSS 0.04%
Veröffentlicht 18.09.2025 13:33:05
Zuletzt bearbeitet 19.09.2025 16:00:46
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
Teams Watchlist Login
Unerledigt Login

In the Linux kernel, the following vulnerability has been resolved:

staging: vme_user: Fix possible UAF in tsi148_dma_list_add

Smatch report warning as follows:

drivers/staging/vme_user/vme_tsi148.c:1757 tsi148_dma_list_add() warn:
  '&entry->list' not removed from list

In tsi148_dma_list_add(), the error path "goto err_dma" will not
remove entry->list from list->entries, but entry will be freed,
then list traversal may cause UAF.

Fix by removeing it from list->entries before free().

Betroffene Produkte Warnungen 0 Metriken 1 CWE 0 Referenzen 12

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerLinux

≫

Produkt Linux

Default Statusunaffected

Version < 5cc4eea715a3fcf4e516662f736dfee63979465f

Version b2383c90a9d691201b9aee557776694cde86a935

Status affected

Version < 51c0ad3b7c5b01f9314758335a13f157b05fa56d

Version b2383c90a9d691201b9aee557776694cde86a935

Status affected

Version < e6b0adff99edf246ba1f8d464530a0438cb1cbda

Version b2383c90a9d691201b9aee557776694cde86a935

Status affected

Version < a45ba33d398a821147d7e5f16ead7eb125e331e2

Version b2383c90a9d691201b9aee557776694cde86a935

Status affected

Version < 5d2b286eb034af114f67d9967fc3fbc1829bb712

Version b2383c90a9d691201b9aee557776694cde86a935

Status affected

Version < 1f5661388f43df3ac106ce93e67d8d22b16a78ff

Version b2383c90a9d691201b9aee557776694cde86a935

Status affected

Version < cf138759a7e92c75cfc1b7ba705e4108fe330edf

Version b2383c90a9d691201b9aee557776694cde86a935

Status affected

Version < 85db68fc901da52314ded80aace99f8b684c7815

Version b2383c90a9d691201b9aee557776694cde86a935

Status affected

Version < 357057ee55d3c99a5de5abe8150f7bca04f8e53b

Version b2383c90a9d691201b9aee557776694cde86a935

Status affected

HerstellerLinux

≫

Produkt Linux

Default Statusaffected

Version 4.2

Status affected

Version < 4.2

Version 0

Status unaffected

Version <= 4.9.*

Version 4.9.337

Status unaffected

Version <= 4.14.*

Version 4.14.303

Status unaffected

Version <= 4.19.*

Version 4.19.270

Status unaffected

Version <= 5.4.*

Version 5.4.229

Status unaffected

Version <= 5.10.*

Version 5.10.163

Status unaffected

Version <= 5.15.*

Version 5.15.86

Status unaffected

Version <= 6.0.*

Version 6.0.16

Status unaffected

Version <= 6.1.*

Version 6.1.2

Status unaffected

Version <= *

Version 6.2

Status unaffected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.04%	0.127

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String

https://git.kernel.org/stable/c/5cc4eea715a3fcf4e516662f736dfee63979465f

https://git.kernel.org/stable/c/51c0ad3b7c5b01f9314758335a13f157b05fa56d

https://git.kernel.org/stable/c/e6b0adff99edf246ba1f8d464530a0438cb1cbda

https://git.kernel.org/stable/c/a45ba33d398a821147d7e5f16ead7eb125e331e2

https://git.kernel.org/stable/c/5d2b286eb034af114f67d9967fc3fbc1829bb712

https://git.kernel.org/stable/c/1f5661388f43df3ac106ce93e67d8d22b16a78ff

https://git.kernel.org/stable/c/cf138759a7e92c75cfc1b7ba705e4108fe330edf

https://git.kernel.org/stable/c/85db68fc901da52314ded80aace99f8b684c7815

https://git.kernel.org/stable/c/357057ee55d3c99a5de5abe8150f7bca04f8e53b

https://nvd.nist.gov/vuln/detail/CVE-2022-50384

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2022-50384

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2022-50384

EUVD