CVE-2022-50308

MEDIUM

Linux Kernel 5.10-5.10.162, 5.11-5.15.85, 5.16-6.0.15, 6.1-6.1.1 - NULL Pointer Dereference in ASoC qcom Component

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: ASoC: qcom: Add checks for devm_kcalloc As the devm_kcalloc may return NULL, the return value needs to be checked to avoid NULL poineter dereference.

References (5)

Core 5

Core References

Patch

https://git.kernel.org/stable/c/4518d7cc38b7d1a7ce5a7878ca601c91e19fe47d

Patch

https://git.kernel.org/stable/c/f849c116d320e85d1e2c2804c0edb0be3953b62d

Patch

https://git.kernel.org/stable/c/7830e2289eb4b74970b6cd1b6cc68dcd021c2281

Patch

https://git.kernel.org/stable/c/b1e4f92dd0c1d3c162d7ca6c1196995565cca96d

Patch

https://git.kernel.org/stable/c/1bf5ee979076ceb121ee51c95197d890b1cee7f4

Scores

CVSS v3 5.5

EPSS 0.0014

EPSS Percentile 4.1%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Details

CWE

CWE-476

Status published

Products (17)

linux/Kernel 5.10.0 - 5.10.163linux

linux/Kernel 5.11.0 - 5.15.86linux

linux/Kernel 5.16.0 - 6.0.16linux

linux/Kernel 6.1.0 - 6.1.2linux

Linux/Linux < 5.10

Linux/Linux 24caf8d9eb108c52e144bcc7af94bb1edcb70700 - 1bf5ee979076ceb121ee51c95197d890b1cee7f4

Linux/Linux 24caf8d9eb108c52e144bcc7af94bb1edcb70700 - 4518d7cc38b7d1a7ce5a7878ca601c91e19fe47d

Linux/Linux 24caf8d9eb108c52e144bcc7af94bb1edcb70700 - 7830e2289eb4b74970b6cd1b6cc68dcd021c2281

Linux/Linux 24caf8d9eb108c52e144bcc7af94bb1edcb70700 - b1e4f92dd0c1d3c162d7ca6c1196995565cca96d

Linux/Linux 24caf8d9eb108c52e144bcc7af94bb1edcb70700 - f849c116d320e85d1e2c2804c0edb0be3953b62d

... and 7 more

Published Sep 15, 2025

Tracked Since Feb 18, 2026