CVE-2022-50538
BaseFortify
Publication date: 2025-10-07
Last updated on: 2026-02-26
Assigner: kernel.org
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux | linux_kernel | From 4.10 (inc) to 4.14.303 (inc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-476 | The product dereferences a pointer that it expects to be valid but is NULL. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability occurs in the Linux kernel within the fake_init() function. The function __root_device_register() can fail, but this failure is ignored, which may cause the unregistering of vme_root to fail during exit. This can lead to a general protection fault, potentially due to a non-canonical address, and a null pointer dereference detected by KASAN.
How can this vulnerability impact me? :
The impact of this vulnerability includes the possibility of a general protection fault and kernel errors such as null pointer dereferences, which can cause system instability or crashes when modules are deleted or during system exit procedures.