-

CVE-2022-50454

EPSS 0.03%
Veröffentlicht 01.10.2025 12:15:38
Zuletzt bearbeitet 02.10.2025 19:12:17
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
Teams Watchlist Login
Unerledigt Login

In the Linux kernel, the following vulnerability has been resolved:

drm/nouveau: fix a use-after-free in nouveau_gem_prime_import_sg_table()

nouveau_bo_init() is backed by ttm_bo_init() and ferries its return code
back to the caller. On failures, ttm will call nouveau_bo_del_ttm() and
free the memory.Thus, when nouveau_bo_init() returns an error, the gem
object has already been released. Then the call to nouveau_bo_ref() will
use the freed "nvbo->bo" and lead to a use-after-free bug.

We should delete the call to nouveau_bo_ref() to avoid the use-after-free.

Betroffene Produkte Warnungen 0 Metriken 1 CWE 0 Referenzen 9

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerLinux

≫

Produkt Linux

Default Statusunaffected

Version < 56ee9577915dc06f55309901012a9ef68dbdb5a8

Version 019cbd4a4feb3aa3a917d78e7110e3011bbff6d5

Status affected

Version < 5d6093c49c098d86c7b136aba9922df44aeb6944

Version 019cbd4a4feb3aa3a917d78e7110e3011bbff6d5

Status affected

Version < 861f085f81fd569b02cc2c11165a9e6cca144424

Version 019cbd4a4feb3aa3a917d78e7110e3011bbff6d5

Status affected

Version < 3aeda2fe6517cc52663d4ce3588dd43f0d4124a7

Version 019cbd4a4feb3aa3a917d78e7110e3011bbff6d5

Status affected

Version < 7d80473e9f12548ac05b36af4fb9ce80f2f73509

Version 019cbd4a4feb3aa3a917d78e7110e3011bbff6d5

Status affected

Version < 540dfd188ea2940582841c1c220bd035a7db0e51

Version 019cbd4a4feb3aa3a917d78e7110e3011bbff6d5

Status affected

HerstellerLinux

≫

Produkt Linux

Default Statusaffected

Version 5.4

Status affected

Version < 5.4

Version 0

Status unaffected

Version <= 5.4.*

Version 5.4.220

Status unaffected

Version <= 5.10.*

Version 5.10.150

Status unaffected

Version <= 5.15.*

Version 5.15.75

Status unaffected

Version <= 5.19.*

Version 5.19.17

Status unaffected

Version <= 6.0.*

Version 6.0.3

Status unaffected

Version <= *

Version 6.1

Status unaffected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.03%	0.081

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String

https://git.kernel.org/stable/c/3aeda2fe6517cc52663d4ce3588dd43f0d4124a7

https://git.kernel.org/stable/c/540dfd188ea2940582841c1c220bd035a7db0e51

https://git.kernel.org/stable/c/56ee9577915dc06f55309901012a9ef68dbdb5a8

https://git.kernel.org/stable/c/5d6093c49c098d86c7b136aba9922df44aeb6944

https://git.kernel.org/stable/c/7d80473e9f12548ac05b36af4fb9ce80f2f73509

https://git.kernel.org/stable/c/861f085f81fd569b02cc2c11165a9e6cca144424

https://nvd.nist.gov/vuln/detail/CVE-2022-50454

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2022-50454

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2022-50454

EUVD