CVE-2022-50317

MEDIUM EPSS 4.2%
Published Sep 15, 20259mo ago · Modified Jun 17, 20261w ago
5.5 CVSS 3.1
Medium
Find Similar
Published Sep 15, 2025 9mo ago
Last Modified Jun 17, 2026 1w ago

Description

In the Linux kernel, the following vulnerability has been resolved: drm/bridge: megachips: Fix a null pointer dereference bug When removing the module we will get the following warning: [ 31.911505] i2c-core: driver [stdp2690-ge-b850v3-fw] unregistered [ 31.912484] general protection fault, probably for non-canonical address 0xdffffc0000000001: 0000 [#1] PREEMPT SMP KASAN PTI [ 31.913338] KASAN: null-ptr-deref in range [0x0000000000000008-0x000000000000000f] [ 31.915280] RIP: 0010:drm_bridge_remove+0x97/0x130 [ 31.921825] Call Trace: [ 31.922533] stdp4028_ge_b850v3_fw_remove+0x34/0x60 [megachips_stdpxxxx_ge_b850v3_fw] [ 31.923139] i2c_device_remove+0x181/0x1f0 The two bridges (stdp2690, stdp4028) do not probe at the same time, so the driver does not call ge_b850v3_resgiter() when probing, causing the driver to try to remove the object that has not been initialized. Fix this by checking whether both the bridges are probed.

CVSS Details

Base Score
5.5
Exploitability
1.8
Impact
3.6
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
4.2% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-476 NULL Pointer Dereference Memory Safety

Affected Products 7

VendorProductVersionRange
linuxlinux_kernel*≥4.14.263  –  <4.14.296
linuxlinux_kernel*≥4.19.226  –  <4.19.262
linuxlinux_kernel*≥5.4.174  –  <5.4.220
linuxlinux_kernel*≥5.10.94  –  <5.10.150
linuxlinux_kernel*≥5.15.17  –  <5.15.75
linuxlinux_kernel*≥5.16.3  –  <5.19.17
linuxlinux_kernel*≥6.0  –  <6.0.3

References 8

  • git.kernel.org https://git.kernel.org/stable/c/1daf69228e310938177119c4eadcd30fc75c81e0
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/1ff673333d46d2c1b053ebd0c1c7c7c79e36943e
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/21764467ab396d9f08921e0a5ffa1214244e1ad9
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/4610e7a4111fa3f3ce27c09d6d94008c55f1cd31
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/5bc20bafcd87ba0858ab772cefc7047cb51bc249
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/7371fad5cfe6eada6bb5523c895fd6074b15c2b9
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/877e92e9b1bdeb580b31a46061005936be902cd4
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/aaa512ad1e59f2edf8a9e4f2b167a44b24670679
    Patch

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/1daf69228e310938177119c4eadcd30fc75c81e0
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/1ff673333d46d2c1b053ebd0c1c7c7c79e36943e
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/21764467ab396d9f08921e0a5ffa1214244e1ad9
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/4610e7a4111fa3f3ce27c09d6d94008c55f1cd31
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/5bc20bafcd87ba0858ab772cefc7047cb51bc249
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/7371fad5cfe6eada6bb5523c895fd6074b15c2b9
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/877e92e9b1bdeb580b31a46061005936be902cd4
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/aaa512ad1e59f2edf8a9e4f2b167a44b24670679
    Patch