CVE-2022-50642 — Vulnetix

Try Vulnetix Request Demo

CVE-2022-50642 PUBLISHED

Reported by Linux · Published December 9, 2025

In the Linux kernel, the following vulnerability has been resolved: platform/chrome: cros_ec_typec: zero out stale pointers `cros_typec_get_switch_handles` allocates four pointers when obtaining type-c switch handles. These pointers are all freed if failing to obtain any of them; therefore, pointers in `port` become stale. The stale pointers eventually cause use-after-free or double free in later code paths. Zeroing out all pointer fields after freeing to eliminate these stale pointers.

EPSS 0.03% · 7.2th percentile

Risk Scores

EPSS Score

0.03%

7.2th percentile

Affected Products

Vendor	Product	Versions
Linux	Linux	f28adb41dab4a2795fd959750df57adffd2bb0be, f28adb41dab4a2795fd959750df57adffd2bb0be, f28adb41dab4a2795fd959750df57adffd2bb0be
Linux	Linux	5.9, 0, 5.15.86
Linux	Linux	f28adb41dab4a2795fd959750df57adffd2bb0be, f28adb41dab4a2795fd959750df57adffd2bb0be, f28adb41dab4a2795fd959750df57adffd2bb0be
linux	linux_kernel	5.9, 5.9, 5.9

Timeline

Dec 9, 2025 EPSS Score
Dec 9, 2025 CVE Published
Dec 13, 2025 EPSS Score
Dec 16, 2025 EPSS Score
Dec 20, 2025 EPSS Score
Dec 24, 2025 EPSS Score
Dec 27, 2025 EPSS Score
Dec 31, 2025 EPSS Score
Jan 4, 2026 EPSS Score
Jan 7, 2026 EPSS Score
Jan 11, 2026 EPSS Score
Jan 15, 2026 EPSS Score

References

Open in Interactive Console →