CVE-2022-50192
- Source
- https://cve.org/CVERecord?id=CVE-2022-50192
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-50192.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2022-50192
- Downstream
- Related
- Published
- 2025-06-18T11:03:37.549Z
- Modified
- 2026-04-03T13:14:42.148603725Z
- Summary
- spi: tegra20-slink: fix UAF in tegra_slink_remove()
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
spi: tegra20-slink: fix UAF in tegraslinkremove()
After calling spiunregistermaster(), the refcount of master will be decrease to 0, and it will be freed in spicontrollerrelease(), the device data also will be freed, so it will lead a UAF when using 'tspi'. To fix this, get the master before unregister and put it when finish using it.
- Database specific
{ "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/50xxx/CVE-2022-50192.json", "cna_assigner": "Linux" }- References
-
- https://git.kernel.org/stable/c/415b4ce61308f24583912d887772dfcbf97f1d20
- https://git.kernel.org/stable/c/67f77172644260482fdafc03b6025847944701e5
- https://git.kernel.org/stable/c/7e9984d183bb1e99e766c5c2b950ff21f7f7b6c0
- https://git.kernel.org/stable/c/800c7767e05d29656713e04532823a752e57e037
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/50xxx/CVE-2022-50192.json
- https://nvd.nist.gov/vuln/detail/CVE-2022-50192
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced26c863418221344b1cfb8e6c11116b2b81144281Fixed415b4ce61308f24583912d887772dfcbf97f1d20Fixed800c7767e05d29656713e04532823a752e57e037Fixed67f77172644260482fdafc03b6025847944701e5Fixed7e9984d183bb1e99e766c5c2b950ff21f7f7b6c0