CVE-2022-50384

HIGH EPSS 5.2%
Published Sep 18, 20259mo ago · Modified Jun 17, 20262w ago
7.8 CVSS 3.1
High
Find Similar
Published Sep 18, 2025 9mo ago
Last Modified Jun 17, 2026 2w ago

Description

In the Linux kernel, the following vulnerability has been resolved: staging: vme_user: Fix possible UAF in tsi148_dma_list_add Smatch report warning as follows: drivers/staging/vme_user/vme_tsi148.c:1757 tsi148_dma_list_add() warn: '&entry->list' not removed from list In tsi148_dma_list_add(), the error path "goto err_dma" will not remove entry->list from list->entries, but entry will be freed, then list traversal may cause UAF. Fix by removeing it from list->entries before free().

CVSS Details

Base Score
7.8
Exploitability
1.8
Impact
5.9
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality High
Integrity High
Availability High

Threat Intelligence

EPSS Exploit Probability
5.2% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-416 Use After Free Memory Safety

Affected Products 8

VendorProductVersionRange
linuxlinux_kernel*≥4.2  –  <4.9.337
linuxlinux_kernel*≥4.10  –  <4.14.303
linuxlinux_kernel*≥4.15  –  <4.19.270
linuxlinux_kernel*≥4.20  –  <5.4.229
linuxlinux_kernel*≥5.5  –  <5.10.163
linuxlinux_kernel*≥5.11  –  <5.15.86
linuxlinux_kernel*≥5.16  –  <6.0.16
linuxlinux_kernel*≥6.1  –  <6.1.2

References 9

  • git.kernel.org https://git.kernel.org/stable/c/1f5661388f43df3ac106ce93e67d8d22b16a78ff
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/357057ee55d3c99a5de5abe8150f7bca04f8e53b
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/51c0ad3b7c5b01f9314758335a13f157b05fa56d
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/5cc4eea715a3fcf4e516662f736dfee63979465f
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/5d2b286eb034af114f67d9967fc3fbc1829bb712
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/85db68fc901da52314ded80aace99f8b684c7815
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/a45ba33d398a821147d7e5f16ead7eb125e331e2
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/cf138759a7e92c75cfc1b7ba705e4108fe330edf
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/e6b0adff99edf246ba1f8d464530a0438cb1cbda
    Patch

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/1f5661388f43df3ac106ce93e67d8d22b16a78ff
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/357057ee55d3c99a5de5abe8150f7bca04f8e53b
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/51c0ad3b7c5b01f9314758335a13f157b05fa56d
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/5cc4eea715a3fcf4e516662f736dfee63979465f
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/5d2b286eb034af114f67d9967fc3fbc1829bb712
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/85db68fc901da52314ded80aace99f8b684c7815
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/a45ba33d398a821147d7e5f16ead7eb125e331e2
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/cf138759a7e92c75cfc1b7ba705e4108fe330edf
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/e6b0adff99edf246ba1f8d464530a0438cb1cbda
    Patch