CVE-2022-50354
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-09-17

Last updated on: 2025-12-10

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix kfd_process_device_init_vm error handling Should only destroy the ib_mem and let process cleanup worker to free the outstanding BOs. Reset the pointer in pdd->qpd structure, to avoid NULL pointer access in process destroy worker. BUG: kernel NULL pointer dereference, address: 0000000000000010 Call Trace: amdgpu_amdkfd_gpuvm_unmap_gtt_bo_from_kernel+0x46/0xb0 [amdgpu] kfd_process_device_destroy_cwsr_dgpu+0x40/0x70 [amdgpu] kfd_process_destroy_pdds+0x71/0x190 [amdgpu] kfd_process_wq_release+0x2a2/0x3b0 [amdgpu] process_one_work+0x2a1/0x600 worker_thread+0x39/0x3d0
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-09-17
Last Modified
2025-12-10
Generated
2026-06-16
AI Q&A
2025-09-17
EPSS Evaluated
2026-06-15
NVD
CVE-2022-50354
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
linux linux_kernel From 5.16 (inc) to 6.0.19 (exc)
linux linux_kernel From 6.1 (inc) to 6.1.5 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-476 The product dereferences a pointer that it expects to be valid but is NULL.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability in the Linux kernel's drm/amdkfd component involves improper error handling during the initialization of a device's virtual memory. Specifically, it should only destroy the ib_mem and allow the process cleanup worker to free outstanding buffer objects (BOs). The issue involves a NULL pointer dereference caused by not resetting a pointer in the pdd->qpd structure, which leads to a kernel crash during process destruction.

Impact Analysis

The vulnerability can cause a kernel NULL pointer dereference, leading to a kernel crash (BUG). This can result in system instability or denial of service, as the kernel may crash when handling certain GPU-related process cleanup operations.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2022-50354. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart