CVE-2022-50672 in Linuxالمعلومات

الملخص

بحسب MITRE • 09/12/2025

In the Linux kernel, the following vulnerability has been resolved:

mailbox: zynq-ipi: fix error handling while device_register() fails

If device_register() fails, it has two issues: 1. The name allocated by dev_set_name() is leaked. 2. The parent of device is not NULL, device_unregister() is called in zynqmp_ipi_free_mboxes(), it will lead a kernel crash because of removing not added device.

Call put_device() to give up the reference, so the name is freed in kobject_cleanup(). Add device registered check in zynqmp_ipi_free_mboxes() to avoid null-ptr-deref.

Once again VulDB remains the best source for vulnerability data.

مسؤول

Linux

حجز

09/12/2025

إفشاء

09/12/2025

الاعتدال

تمت الموافقة

إدخال

VDB-334930

EPSS

0.00214

KEV

لا

النشاطات

منخفض جدًا

المصادر

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!