CVE-2022-50875

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2022-50875
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-50875.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2022-50875
Downstream
Published
2025-12-30T12:23:16.108Z
Modified
2026-04-02T08:28:48.855747Z
Summary
of: overlay: fix null pointer dereferencing in find_dup_cset_node_entry() and find_dup_cset_prop()
Details

In the Linux kernel, the following vulnerability has been resolved:

of: overlay: fix null pointer dereferencing in finddupcsetnodeentry() and finddupcset_prop()

When kmalloc() fail to allocate memory in kasprintf(), fn1 or fn2 will be NULL, and strcmp() will cause null pointer dereference.

Database specific 
{
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/50xxx/CVE-2022-50875.json"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
2fe0e8769df9fed5098daea7db933bc414c329d7
Fixed
9ec5781879b4535ad59b5354b385825378e45618
Fixed
2b4af99b44861646013821019dd13a4ac48c0219
Fixed
ce1b3a41e7964cb8dd56a702a95dd90ad27f51cd
Fixed
ab5bb7bbacf531de8e32912cc2e21f906113cee8
Fixed
71d88c7453ec3d2ceff98e18ce4d6354abd3b5b6
Fixed
ee9d7a0e754568180a2f8ebc4aad226278a9116f

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-50875.json"

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
5.0.0
Fixed
5.4.229
Type
ECOSYSTEM
Events
Introduced
5.5.0
Fixed
5.10.163
Type
ECOSYSTEM
Events
Introduced
5.11.0
Fixed
5.15.86
Type
ECOSYSTEM
Events
Introduced
5.16.0
Fixed
6.0.16
Type
ECOSYSTEM
Events
Introduced
6.1.0
Fixed
6.1.2

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-50875.json"