CVE-2022-50354

MEDIUM

Linux Kernel 5.16-6.2 - NULL Pointer Dereference in AMDKFD Process Device Cleanup

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix kfd_process_device_init_vm error handling Should only destroy the ib_mem and let process cleanup worker to free the outstanding BOs. Reset the pointer in pdd->qpd structure, to avoid NULL pointer access in process destroy worker. BUG: kernel NULL pointer dereference, address: 0000000000000010 Call Trace: amdgpu_amdkfd_gpuvm_unmap_gtt_bo_from_kernel+0x46/0xb0 [amdgpu] kfd_process_device_destroy_cwsr_dgpu+0x40/0x70 [amdgpu] kfd_process_destroy_pdds+0x71/0x190 [amdgpu] kfd_process_wq_release+0x2a2/0x3b0 [amdgpu] process_one_work+0x2a1/0x600 worker_thread+0x39/0x3d0

References (3)

Core 3

Core References

Patch

https://git.kernel.org/stable/c/b6e78bd3bf2eb964c95eb2596d3cd367307a20b5

Patch

https://git.kernel.org/stable/c/9d74d1f52e16d8e07f7fbe52e96d6391418a2fe9

Patch

https://git.kernel.org/stable/c/29d48b87db64b6697ddad007548e51d032081c59

Scores

CVSS v3 5.5

EPSS 0.0019

EPSS Percentile 8.5%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-476

Status published

Products (11)

linux/Kernel 5.16.0 - 6.0.19linux

linux/Kernel 6.1.0 - 6.1.5linux

Linux/Linux < 5.16

Linux/Linux 5.16

Linux/Linux 6.0.19 - 6.0.*

Linux/Linux 6.1.5 - 6.1.*

Linux/Linux 6.2

Linux/Linux 68df0f195a689bbb0f92bfeadee6edd90c79c31f - 29d48b87db64b6697ddad007548e51d032081c59

Linux/Linux 68df0f195a689bbb0f92bfeadee6edd90c79c31f - 9d74d1f52e16d8e07f7fbe52e96d6391418a2fe9

Linux/Linux 68df0f195a689bbb0f92bfeadee6edd90c79c31f - b6e78bd3bf2eb964c95eb2596d3cd367307a20b5

... and 1 more

Published Sep 17, 2025

Tracked Since Feb 18, 2026