VDB
CVE-2022-50642
CVE-2022-50642
PUBLISHED
Reported by Linux · Published December 9, 2025
In the Linux kernel, the following vulnerability has been resolved: platform/chrome: cros_ec_typec: zero out stale pointers `cros_typec_get_switch_handles` allocates four pointers when obtaining type-c switch handles. These pointers are all freed if failing to obtain any of them; therefore, pointers in `port` become stale. The stale pointers eventually cause use-after-free or double free in later code paths. Zeroing out all pointer fields after freeing to eliminate these stale pointers.
EPSS 0.03% · 8.4th percentile
Risk Scores
EPSS Score
0.03%
8.4th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux | f28adb41dab4a2795fd959750df57adffd2bb0be, f28adb41dab4a2795fd959750df57adffd2bb0be, f28adb41dab4a2795fd959750df57adffd2bb0be |
| Linux | Linux | 5.9, 0, 5.15.86 |
| Linux | Linux | 6.2, f28adb41dab4a2795fd959750df57adffd2bb0be, f28adb41dab4a2795fd959750df57adffd2bb0be |
| linux | linux_kernel | 5.9, 5.9, 5.9 |
Timeline
- Dec 9, 2025 EPSS Score
- Dec 9, 2025 CVE Published
- Dec 13, 2025 EPSS Score
- Dec 17, 2025 EPSS Score
- Dec 22, 2025 EPSS Score
- Dec 26, 2025 EPSS Score
- Dec 30, 2025 EPSS Score
- Jan 3, 2026 EPSS Score
- Jan 8, 2026 EPSS Score
- Jan 12, 2026 EPSS Score
- Jan 16, 2026 EPSS Score
- Jan 20, 2026 EPSS Score