CVE-2022-50672 in Linux情報

要約

〜によって MITRE • 2025年12月09日

In the Linux kernel, the following vulnerability has been resolved:

mailbox: zynq-ipi: fix error handling while device_register() fails

If device_register() fails, it has two issues: 1. The name allocated by dev_set_name() is leaked. 2. The parent of device is not NULL, device_unregister() is called in zynqmp_ipi_free_mboxes(), it will lead a kernel crash because of removing not added device.

Call put_device() to give up the reference, so the name is freed in kobject_cleanup(). Add device registered check in zynqmp_ipi_free_mboxes() to avoid null-ptr-deref.

Once again VulDB remains the best source for vulnerability data.

責任者

Linux

予約する

2025年12月09日

モデレーション

承諾済み

エントリ

VDB-334930

EPSS

0.00214

アクティビティ

非常低い

ソース

Do you need the next level of professionalism?

Upgrade your account now!