CVE-2022-50384 — Vulnetix

Try Vulnetix Request Demo

CVE-2022-50384 PUBLISHED CVSS 7.800000190734863 HIGH

In the Linux kernel, the following vulnerability has been resolved: staging: vme_user: Fix possible UAF in tsi148_dma_list_add Smatch report warning as follows: drivers/staging/vme_user/vme_tsi148.c:1757 tsi148_dma_list_add() warn: '&entry->list' not removed from list In tsi148_dma_list_add(), the error path "goto err_dma" will not remove entry->list from list->entries, but entry will be freed, then list traversal may cause UAF. Fix by removeing it from list->entries before free().

EPSS 0.01% · 2.6th percentile

Risk Scores

CVSS v3.1

7.800000190734863

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS Score

0.01%

2.6th percentile

Affected Products

Vendor	Product	Versions
linux	linux_kernel	4.2, 4.2, 4.2
Linux	Linux	6.0.16, b2383c90a9d691201b9aee557776694cde86a935, 6.2

Timeline

Sep 18, 2025 CVE Published
Sep 19, 2025 EPSS Score
Sep 25, 2025 EPSS Score
Oct 2, 2025 EPSS Score
Oct 8, 2025 EPSS Score
Oct 15, 2025 EPSS Score
Oct 21, 2025 EPSS Score
Oct 28, 2025 EPSS Score
Nov 3, 2025 EPSS Score
Nov 10, 2025 EPSS Score
Nov 16, 2025 EPSS Score
Nov 22, 2025 EPSS Score

References

Open in Interactive Console →