CVE-2022-50538 — Vulnetix

Try Vulnetix Request Demo

CVE-2022-50538 PUBLISHED

In the Linux kernel, the following vulnerability has been resolved: vme: Fix error not catched in fake_init() In fake_init(), __root_device_register() is possible to fail but it's ignored, which can cause unregistering vme_root fail when exit. general protection fault, probably for non-canonical address 0xdffffc000000008c KASAN: null-ptr-deref in range [0x0000000000000460-0x0000000000000467] RIP: 0010:root_device_unregister+0x26/0x60 Call Trace: <TASK> __x64_sys_delete_module+0x34f/0x540 do_syscall_64+0x38/0x90 entry_SYSCALL_64_after_hwframe+0x63/0xcd Return error when __root_device_register() fails.

EPSS 0.01% · 2.5th percentile

Risk Scores

EPSS Score

0.01%

2.5th percentile

Affected Products

Vendor	Product	Versions
linux	linux_kernel	4.9, 4.9, 4.9
Linux	Linux	5.4.229, 658bcdae9c6755806e66b33e29d56b33a3ff421a, *

Timeline

Oct 7, 2025 CVE Published
Oct 8, 2025 EPSS Score
Oct 14, 2025 EPSS Score
Oct 20, 2025 EPSS Score
Oct 25, 2025 EPSS Score
Oct 31, 2025 EPSS Score
Nov 6, 2025 EPSS Score
Nov 12, 2025 EPSS Score
Nov 18, 2025 EPSS Score
Nov 23, 2025 EPSS Score
Nov 29, 2025 EPSS Score
Dec 5, 2025 EPSS Score

References

Open in Interactive Console →