CVE-2022-50642
BaseFortify
Publication date: 2025-12-09
Last updated on: 2025-12-09
Assigner: kernel.org
Description
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux | linux_kernel | * |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN | |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability in the Linux kernel involves stale pointers in the cros_ec_typec platform code. Specifically, the function cros_typec_get_switch_handles allocates four pointers for type-c switch handles. If obtaining any of these pointers fails, all allocated pointers are freed, but the pointers in the 'port' structure are not cleared, leaving stale pointers. These stale pointers can lead to use-after-free or double free errors in later code execution. The fix involves zeroing out all pointer fields after freeing them to prevent these stale pointer issues.
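The error path described above, modelled in user-space C as an added example; this is not the kernel's code. The `handle` and `port` types, the static pool and all function names are hypothetical stand-ins, and a counter stands in for the double free so the program stays memory-safe.

```c
#include <stdio.h>
#include <stddef.h>

#define NUM_HANDLES 4                            /* the page: four switch handles */

struct handle { int live; };                     /* hypothetical handle object */
struct port { struct handle *h[NUM_HANDLES]; };  /* hypothetical port structure */

static struct handle pool[NUM_HANDLES];  /* static pool: released objects stay readable */
static int double_puts;                  /* releases of an already released handle */

static struct handle *handle_get(int i) { pool[i].live = 1; return &pool[i]; }

static void handle_put(struct handle *h)
{
    if (!h)
        return;                          /* a NULL field is a safe no-op */
    if (!h->live)
        double_puts++;                   /* a double free in real allocator-backed code */
    h->live = 0;
}

/* Release every handle. clear=0 leaves the old addresses in the port
 * (the stale-pointer behaviour); clear=1 zeroes each field (the fix). */
static void put_all(struct port *p, int clear)
{
    for (int i = 0; i < NUM_HANDLES; i++) {
        handle_put(p->h[i]);
        if (clear)
            p->h[i] = NULL;
    }
}

/* Acquire handles in order; lookup number fail_at fails (-1: none fails). */
static int get_all(struct port *p, int fail_at, int clear)
{
    for (int i = 0; i < NUM_HANDLES; i++) {
        if (i == fail_at) { put_all(p, clear); return -1; }
        p->h[i] = handle_get(i);
    }
    return 0;
}

/* Setup (possibly failing) followed by a later teardown of the same port;
 * returns how many handles were released twice. */
static int scenario(int fail_at, int clear)
{
    struct port p = { { NULL } };
    double_puts = 0;
    get_all(&p, fail_at, clear);
    put_all(&p, 1);                      /* later teardown path */
    return double_puts;
}

int main(void) { printf("stale=%d cleared=%d\n", scenario(2, 0), scenario(2, 1)); return 0; }
```

Every handle acquired before the failing lookup is released a second time by the later teardown unless the error path cleared the field.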
How can this vulnerability impact me?
This vulnerability can lead to use-after-free or double free conditions in the Linux kernel's type-c switch handling code. Such memory management errors can cause system instability, crashes, or potentially allow an attacker to execute arbitrary code or escalate privileges if exploited.