CVE-2022-50672
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-12-09

Last updated on: 2025-12-09

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved: mailbox: zynq-ipi: fix error handling while device_register() fails If device_register() fails, it has two issues: 1. The name allocated by dev_set_name() is leaked. 2. The parent of device is not NULL, device_unregister() is called in zynqmp_ipi_free_mboxes(), it will lead a kernel crash because of removing not added device. Call put_device() to give up the reference, so the name is freed in kobject_cleanup(). Add device registered check in zynqmp_ipi_free_mboxes() to avoid null-ptr-deref.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-12-09
Last Modified
2025-12-09
Generated
2026-06-16
AI Q&A
2025-12-09
EPSS Evaluated
2026-06-15
NVD
CVE-2022-50672
EUVD
EUVD-2022-55733
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
linux kernel *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-UNKNOWN
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability occurs in the Linux kernel's mailbox zynq-ipi driver during error handling when device_register() fails. Specifically, two issues arise: first, the device name allocated by dev_set_name() is leaked; second, if the device's parent is not NULL, calling device_unregister() in zynqmp_ipi_free_mboxes() leads to a kernel crash because it attempts to remove a device that was never successfully added. The fix involves calling put_device() to release the reference and free the name, and adding a check to avoid null pointer dereference during cleanup.

Impact Analysis

This vulnerability can lead to kernel crashes due to improper error handling and resource leaks in the Linux kernel's mailbox driver. Such crashes can cause system instability, potential denial of service, and may require system reboots or recovery actions.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2022-50672. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart