CVE-2022-50888
Unknown Unknown - Not Provided

Null Pointer Dereference in Linux Kernel q6v5 Remoteproc Component

Vulnerability report for CVE-2022-50888, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2025-12-30

Last updated on: 2025-12-30

Assigner: kernel.org

Description

In the Linux kernel, the following vulnerability has been resolved: remoteproc: qcom: q6v5: Fix potential null-ptr-deref in q6v5_wcss_init_mmio() q6v5_wcss_init_mmio() will call platform_get_resource_byname() that may fail and return NULL. devm_ioremap() will use res->start as input, which may causes null-ptr-deref. Check the ret value of platform_get_resource_byname() to avoid the null-ptr-deref.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2025-12-30
Last Modified
2025-12-30
Generated
2026-07-06
AI Q&A
2025-12-30
EPSS Evaluated
2026-07-05
NVD
EUVD

Affected Vendors & Products

Showing 1 associated CPE
Vendor Product Version / Range
linux kernel *

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-UNKNOWN

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Impact Analysis

A null pointer dereference can cause the affected system to crash or become unstable, potentially leading to denial of service. Since this occurs in the Linux kernel's remoteproc driver, it could impact devices using this driver by causing unexpected reboots or failures.

Executive Summary

This vulnerability is a potential null pointer dereference in the Linux kernel's remoteproc driver for Qualcomm q6v5. Specifically, the function q6v5_wcss_init_mmio() calls platform_get_resource_byname(), which may fail and return NULL. If this happens, devm_ioremap() uses the NULL resource's start address, causing a null pointer dereference. The fix involves checking the return value of platform_get_resource_byname() to avoid this issue.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2022-50888. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart