CVE-2022-50455 — Vulnetix

Try Vulnetix Request Demo

CVE-2022-50455 PUBLISHED

In the Linux kernel, the following vulnerability has been resolved: nfs: fix possible null-ptr-deref when parsing param According to commit "vfs: parse: deal with zero length string value", kernel will set the param->string to null pointer in vfs_parse_fs_string() if fs string has zero length. Yet the problem is that, nfs_fs_context_parse_param() will dereferences the param->string, without checking whether it is a null pointer, which may trigger a null-ptr-deref bug. This patch solves it by adding sanity check on param->string in nfs_fs_context_parse_param().

EPSS 0.03% · 5.5th percentile

Risk Scores

EPSS Score

0.03%

5.5th percentile

Timeline

Oct 1, 2025 EPSS Score
Oct 2, 2025 EPSS Score
Oct 3, 2025 EPSS Score
Oct 4, 2025 EPSS Score
Oct 5, 2025 EPSS Score
Oct 6, 2025 EPSS Score
Oct 7, 2025 EPSS Score
Oct 8, 2025 EPSS Score
Oct 9, 2025 EPSS Score
Oct 10, 2025 EPSS Score
Oct 10, 2025 CVE Rejected
Oct 10, 2025 CVE Updated

References

Open in Interactive Console →