Description

In the Linux kernel, the following vulnerability has been resolved: mailbox: zynq-ipi: fix error handling while device_register() fails If device_register() fails, it has two issues: 1. The name allocated by dev_set_name() is leaked. 2. The parent of device is not NULL, device_unregister() is called in zynqmp_ipi_free_mboxes(), it will lead a kernel crash because of removing not added device. Call put_device() to give up the reference, so the name is freed in kobject_cleanup(). Add device registered check in zynqmp_ipi_free_mboxes() to avoid null-ptr-deref.

INFO

Published Date :

2025-12-09T01:29:24.072Z

Last Modified :

2025-12-09T01:29:24.072Z

Source :

Linux
AFFECTED PRODUCTS

The following products are affected by CVE-2022-50672 vulnerability.

Vendors Products
Linux
  • Linux Kernel
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2022-50672.

URL Resource
https://git.kernel.org/stable/c/3fcf079958c00d83c51e4f250abf2c77fe9cc1b9 cve-icon cve-icon
https://git.kernel.org/stable/c/4f05d8e2fb3ab702c2633a74571e1b31cb579985 cve-icon cve-icon
https://git.kernel.org/stable/c/a39b4de0804f9fe0ae911b359ffd4afe7d9d933b cve-icon cve-icon
https://git.kernel.org/stable/c/a6792a0cdef0b1c2d77920246283a72537e60e94 cve-icon cve-icon
https://git.kernel.org/stable/c/b3a5c76f61e2b380e29dfc6705854ca1ee85501d cve-icon cve-icon
https://git.kernel.org/stable/c/f2d63cefc012cafe1b7651bbf3302f8bcd8bea4a cve-icon cve-icon
https://lore.kernel.org/linux-cve-announce/2025120947-CVE-2022-50672-d9b1@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2022-50672 cve-icon
https://www.cve.org/CVERecord?id=CVE-2022-50672 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact