VDB

CVE-2022-50400

CVE-2022-50400 PUBLISHED CVSS 5.5 MEDIUM

In the Linux kernel, the following vulnerability has been resolved: staging: greybus: audio_helper: remove unused and wrong debugfs usage In the greybus audio_helper code, the debugfs file for the dapm has the potential to be removed and memory will be leaked. There is also the very real potential for this code to remove ALL debugfs entries from the system, and it seems like this is what will really happen if this code ever runs. This all is very wrong as the greybus audio driver did not create this debugfs file, the sound core did and controls the lifespan of it. So remove all of the debugfs logic from the audio_helper code as there's no way it could be correct. If this really is needed, it can come back with a fixup for the incorrect usage of the debugfs_lookup() call which is what caused this to be noticed at all.

EPSS 0.04% · 11.5th percentile

Risk Scores

CVSS 3.1
5.5
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
EPSS Score
0.04%
11.5th percentile

Affected Products

VendorProductVersions
linuxlinux_kernel5.9, 5.9, 5.9
LinuxLinux510e340efe0cbd379cf1ff3490d088c3299749b1, 510e340efe0cbd379cf1ff3490d088c3299749b1, 510e340efe0cbd379cf1ff3490d088c3299749b1

Exploit Intelligence

Timeline

  • Sep 18, 2025 CVE Published
  • Sep 19, 2025 EPSS Score
  • Sep 26, 2025 EPSS Score
  • Oct 3, 2025 EPSS Score
  • Oct 10, 2025 EPSS Score
  • Oct 17, 2025 EPSS Score
  • Oct 24, 2025 EPSS Score
  • Oct 31, 2025 EPSS Score
  • Nov 7, 2025 EPSS Score
  • Nov 14, 2025 EPSS Score
  • Nov 21, 2025 EPSS Score
  • Nov 28, 2025 EPSS Score

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›