CVE-2022-50481
MEDIUMLinux Kernel - Null Pointer Dereference in cxl_guest_init_afu|adapter()
Title source: llmDescription
In the Linux kernel, the following vulnerability has been resolved: cxl: fix possible null-ptr-deref in cxl_guest_init_afu|adapter() If device_register() fails in cxl_register_afu|adapter(), the device is not added, device_unregister() can not be called in the error path, otherwise it will cause a null-ptr-deref because of removing not added device. As comment of device_register() says, it should use put_device() to give up the reference in the error path. So split device_unregister() into device_del() and put_device(), then goes to put dev when register fails.
References (9)
Core 9
Core References
Scores
CVSS v3
5.5
EPSS
0.0015
EPSS Percentile
4.2%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Details
CWE
CWE-476
Status
published
Products (29)
linux/Kernel
4.10.0 - 4.14.303linux
linux/Kernel
4.15.0 - 4.19.270linux
linux/Kernel
4.20.0 - 5.4.229linux
linux/Kernel
4.6.0 - 4.9.337linux
linux/Kernel
5.11.0 - 5.15.86linux
linux/Kernel
5.16.0 - 6.0.16linux
linux/Kernel
5.5.0 - 5.10.163linux
linux/Kernel
6.1.0 - 6.1.2linux
Linux/Linux
< 4.6
Linux/Linux
14baf4d9c739e6e69150512d2eb23c71fffcc192 - 170e8c2d2b61e15e7f7cfeded81bc1e959a15ed8
... and 19 more
Published
Oct 04, 2025
Tracked Since
Feb 18, 2026