CVE-2022-50245

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2022-50245
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-50245.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2022-50245
Downstream
Published
2025-09-15T14:02:03.353Z
Modified
2026-04-02T08:28:21.004257Z
Summary
rapidio: fix possible UAF when kfifo_alloc() fails
Details

In the Linux kernel, the following vulnerability has been resolved:

rapidio: fix possible UAF when kfifo_alloc() fails

If kfifoalloc() fails in mportcdevopen(), goto errfifo and just free priv. But priv is still in the chdev->file_list, then list traversal may cause UAF. This fixes the following smatch warning:

drivers/rapidio/devices/riomportcdev.c:1930 mportcdevopen() warn: '&priv->list' not removed from list

Database specific 
{
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/50xxx/CVE-2022-50245.json"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
e8de370188d098bb49483c287b44925957c3c9b6
Fixed
2a6c75adf8192f07ddcdd4a1a13488c890a73919
Fixed
2dfd60724d271a6ab99f93f40f38f2ced1ddbb87
Fixed
a253dde0403a153075ffb254f6f7b2635e49e97a
Fixed
311b488405ac45af46756b1c8f1d27007b68b07e
Fixed
5ee850645e42f541ce1ea8130c2b27cc495f965c
Fixed
2f5cc7fd73fd6253cc71214f0dd499cc62feb469
Fixed
2ba06e57f933f0eac242e8b389433da1cc00d4d5
Fixed
cb87af2c19c0993f6e21f75b963a5599c5a73e76
Fixed
02d7d89f816951e0862147d751b1150d67aaebdd

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-50245.json"