CVE-2022-50245 — Vulnetix

Try Vulnetix Request Demo

CVE-2022-50245 PUBLISHED

Reported by Linux · Published September 15, 2025

In the Linux kernel, the following vulnerability has been resolved: rapidio: fix possible UAF when kfifo_alloc() fails If kfifo_alloc() fails in mport_cdev_open(), goto err_fifo and just free priv. But priv is still in the chdev->file_list, then list traversal may cause UAF. This fixes the following smatch warning: drivers/rapidio/devices/rio_mport_cdev.c:1930 mport_cdev_open() warn: '&priv->list' not removed from list

EPSS 0.01% · 2.6th percentile

Risk Scores

EPSS Score

0.01%

2.6th percentile

Affected Products

Vendor	Product	Versions
Linux	Linux	e8de370188d098bb49483c287b44925957c3c9b6, e8de370188d098bb49483c287b44925957c3c9b6, e8de370188d098bb49483c287b44925957c3c9b6
Linux	Linux	4.6, 0, 4.9.337
Linux	Linux	e8de370188d098bb49483c287b44925957c3c9b6, e8de370188d098bb49483c287b44925957c3c9b6, e8de370188d098bb49483c287b44925957c3c9b6
linux	linux_kernel	4.6, 4.6, 4.6

Timeline

Sep 15, 2025 CVE Published
Sep 16, 2025 EPSS Score
Sep 23, 2025 EPSS Score
Sep 29, 2025 EPSS Score
Oct 6, 2025 EPSS Score
Oct 12, 2025 EPSS Score
Oct 19, 2025 EPSS Score
Oct 25, 2025 EPSS Score
Nov 1, 2025 EPSS Score
Nov 7, 2025 EPSS Score
Nov 14, 2025 EPSS Score
Nov 21, 2025 EPSS Score

References

Open in Interactive Console →