CVE-2022-50492

HIGH

Linux Kernel < 6.0.7 - Use After Free

Title source: rule

Description

In the Linux kernel, the following vulnerability has been resolved: drm/msm: fix use-after-free on probe deferral The bridge counter was never reset when tearing down the DRM device so that stale pointers to deallocated structures would be accessed on the next tear down (e.g. after a second late bind deferral). Given enough bridges and a few probe deferrals this could currently also lead to data beyond the bridge array being corrupted. Patchwork: https://patchwork.freedesktop.org/patch/502665/

References (2)

[Patch] https://git.kernel.org/stable/c/0a30a47741b6df1f9555a0fac6aebb7e8c363bad

[Patch] https://git.kernel.org/stable/c/6808abdb33bf90330e70a687d29f038507e06ebb

Scores

CVSS v3 7.8

EPSS 0.0002

EPSS Percentile 3.2%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Classification

CWE

CWE-416

Status published

Affected Products (4)

linux/linux_kernel < 6.0.7

linux/linux_kernel

linux/Kernel < 6.0.7linux

Timeline

Published Oct 04, 2025

Tracked Since Feb 18, 2026