-

CVE-2022-50767

EPSS 0.05%
Veröffentlicht 24.12.2025 13:05:57
Zuletzt bearbeitet 15.04.2026 00:35:42
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Unerledigt
Login

fbdev: smscufx: Fix several use-after-free bugs

In the Linux kernel, the following vulnerability has been resolved:

fbdev: smscufx: Fix several use-after-free bugs

Several types of UAFs can occur when physically removing a USB device.

Adds ufx_ops_destroy() function to .fb_destroy of fb_ops, and
in this function, there is kref_put() that finally calls ufx_free().

This fix prevents multiple UAFs.

Betroffene Produkte Warnungen 0 Metriken 1 CWE 0 Referenzen 11

CNA 2 VulnDex Vulnerability Enrichment 11

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerLinux

≫

Produkt Linux

Default Statusunaffected

Version 3c8a63e22a0802fd56380f6ab305b419f18eb6f5

Version < 6f2075ea883e5d7730d0c9ebb1bb8e7a1a7e953f

Status affected

Version 3c8a63e22a0802fd56380f6ab305b419f18eb6f5

Version < 3f40852d671072836fb7ae331a1f28a24223c4e8

Status affected

Version 3c8a63e22a0802fd56380f6ab305b419f18eb6f5

Version < 70faf9d9b6cc74418716bbf76fe75bd2da10ad4a

Status affected

Version 3c8a63e22a0802fd56380f6ab305b419f18eb6f5

Version < 5385af2f89bc352fb70753ab41b2bb036190141f

Status affected

Version 3c8a63e22a0802fd56380f6ab305b419f18eb6f5

Version < d9ddfeb01fb95ffbbc7031d46a5ee2a5e45cbb86

Status affected

Version 3c8a63e22a0802fd56380f6ab305b419f18eb6f5

Version < cc6a7249842fceda7574ceb63275a2d5e99d2862

Status affected

Version 3c8a63e22a0802fd56380f6ab305b419f18eb6f5

Version < 8d924b262f3178a9b17c17d4306a9f426c508bd9

Status affected

Version 3c8a63e22a0802fd56380f6ab305b419f18eb6f5

Version < cc67482c9e5f2c80d62f623bcc347c29f9f648e1

Status affected

HerstellerLinux

≫

Produkt Linux

Default Statusaffected

Version 3.2

Status affected

Version 0

Version < 3.2

Status unaffected

Version <= 4.9.*

Version 4.9.332

Status unaffected

Version <= 4.14.*

Version 4.14.298

Status unaffected

Version <= 4.19.*

Version 4.19.264

Status unaffected

Version <= 5.4.*

Version 5.4.223

Status unaffected

Version <= 5.10.*

Version 5.10.153

Status unaffected

Version <= 5.15.*

Version 5.15.77

Status unaffected

Version <= 6.0.*

Version 6.0.7

Status unaffected

Version <= *

Version 6.1

Status unaffected

VulnDex Vulnerability Enrichment

Diese Information steht angemeldeten Benutzern zur Verfügung.

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.05%	0.144

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String

Es wurden noch keine Informationen zu CWE veröffentlicht.

https://git.kernel.org/stable/c/6f2075ea883e5d7730d0c9ebb1bb8e7a1a7e953f

https://git.kernel.org/stable/c/3f40852d671072836fb7ae331a1f28a24223c4e8

https://git.kernel.org/stable/c/70faf9d9b6cc74418716bbf76fe75bd2da10ad4a

https://git.kernel.org/stable/c/5385af2f89bc352fb70753ab41b2bb036190141f

https://git.kernel.org/stable/c/d9ddfeb01fb95ffbbc7031d46a5ee2a5e45cbb86

https://git.kernel.org/stable/c/cc6a7249842fceda7574ceb63275a2d5e99d2862

https://git.kernel.org/stable/c/8d924b262f3178a9b17c17d4306a9f426c508bd9

https://git.kernel.org/stable/c/cc67482c9e5f2c80d62f623bcc347c29f9f648e1

https://nvd.nist.gov/vuln/detail/CVE-2022-50767

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2022-50767

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2022-50767

EUVD