CVE-2022-50714

EPSS 0.02%
Veröffentlicht 24.12.2025 12:22:39
Zuletzt bearbeitet 29.12.2025 15:58:34
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Unerledigt
Login

In the Linux kernel, the following vulnerability has been resolved:

wifi: mt76: mt7921e: fix rmmod crash in driver reload test

In insmod/rmmod stress test, the following crash dump shows up immediately.
The problem is caused by missing mt76_dev in mt7921_pci_remove(). We
should make sure the drvdata is ready before probe() finished.

[168.862789] ==================================================================
[168.862797] BUG: KASAN: user-memory-access in try_to_grab_pending+0x59/0x480
[168.862805] Write of size 8 at addr 0000000000006df0 by task rmmod/5361
[168.862812] CPU: 7 PID: 5361 Comm: rmmod Tainted: G           OE     5.19.0-rc6 #1
[168.862816] Hardware name: Intel(R) Client Systems NUC8i7BEH/NUC8BEB, 05/04/2020
[168.862820] Call Trace:
[168.862822]  <TASK>
[168.862825]  dump_stack_lvl+0x49/0x63
[168.862832]  print_report.cold+0x493/0x6b7
[168.862845]  kasan_report+0xa7/0x120
[168.862857]  kasan_check_range+0x163/0x200
[168.862861]  __kasan_check_write+0x14/0x20
[168.862866]  try_to_grab_pending+0x59/0x480
[168.862870]  __cancel_work_timer+0xbb/0x340
[168.862898]  cancel_work_sync+0x10/0x20
[168.862902]  mt7921_pci_remove+0x61/0x1c0 [mt7921e]
[168.862909]  pci_device_remove+0xa3/0x1d0
[168.862914]  device_remove+0xc4/0x170
[168.862920]  device_release_driver_internal+0x163/0x300
[168.862925]  driver_detach+0xc7/0x1a0
[168.862930]  bus_remove_driver+0xeb/0x2d0
[168.862935]  driver_unregister+0x71/0xb0
[168.862939]  pci_unregister_driver+0x30/0x230
[168.862944]  mt7921_pci_driver_exit+0x10/0x1b [mt7921e]
[168.862949]  __x64_sys_delete_module+0x2f9/0x4b0
[168.862968]  do_syscall_64+0x38/0x90
[168.862973]  entry_SYSCALL_64_after_hwframe+0x63/0xcd

Test steps:
1. insmode
2. do not ifup
3. rmmod quickly (within 1 second)

Betroffene Produkte Warnungen 0 Metriken 1 CWE 0 Referenzen 6

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerLinux

≫

Produkt Linux

Default Statusunaffected

Version < 1034d8e08508830161377f136a060e78fc24f2a5

Version 1c71e03afe4b457a15e50de40006b927dfc00755

Status affected

Version < ccda3ebdae719d348f90563b6719fba4929ae283

Version 1c71e03afe4b457a15e50de40006b927dfc00755

Status affected

Version < b5a62d612b7baf6e09884e4de94decb6391d6a9d

Version 1c71e03afe4b457a15e50de40006b927dfc00755

Status affected

HerstellerLinux

≫

Produkt Linux

Default Statusaffected

Version 5.18

Status affected

Version < 5.18

Version 0

Status unaffected

Version <= 5.19.*

Version 5.19.17

Status unaffected

Version <= 6.0.*

Version 6.0.3

Status unaffected

Version <= *

Version 6.1

Status unaffected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.02%	0.058

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String

Es wurden noch keine Informationen zu CWE veröffentlicht.

https://git.kernel.org/stable/c/1034d8e08508830161377f136a060e78fc24f2a5

https://git.kernel.org/stable/c/ccda3ebdae719d348f90563b6719fba4929ae283

https://git.kernel.org/stable/c/b5a62d612b7baf6e09884e4de94decb6391d6a9d

https://nvd.nist.gov/vuln/detail/CVE-2022-50714

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2022-50714

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2022-50714

EUVD