CVE-2022-50672

Dec. 9, 2025, 6:37 p.m.

None
No Score

Description

In the Linux kernel, the following vulnerability has been resolved: mailbox: zynq-ipi: fix error handling while device_register() fails If device_register() fails, it has two issues: 1. The name allocated by dev_set_name() is leaked. 2. The parent of device is not NULL, device_unregister() is called in zynqmp_ipi_free_mboxes(), it will lead a kernel crash because of removing not added device. Call put_device() to give up the reference, so the name is freed in kobject_cleanup(). Add device registered check in zynqmp_ipi_free_mboxes() to avoid null-ptr-deref.

Product(s) Impacted

Product Versions
kernel
  • *

Weaknesses

Common security weaknesses mapped to this vulnerability.

References

https://git.kernel.org/stable/c/3fcf079958c00d83c51e4f250abf2c77fe9cc1b9
https://git.kernel.org/stable/c/4f05d8e2fb3ab702c2633a74571e1b31cb579985
https://git.kernel.org/stable/c/a39b4de0804f9fe0ae911b359ffd4afe7d9d933b
https://git.kernel.org/stable/c/a6792a0cdef0b1c2d77920246283a72537e60e94
https://git.kernel.org/stable/c/b3a5c76f61e2b380e29dfc6705854ca1ee85501d
https://git.kernel.org/stable/c/f2d63cefc012cafe1b7651bbf3302f8bcd8bea4a

Tags

416baaa9-dc9f-4396-8d5f-8c081fb06d67
2025-12-09
CVE-2022-50672

Timeline

Published: Dec. 9, 2025, 4:17 p.m.
Last Modified: Dec. 9, 2025, 6:37 p.m.

Status : Awaiting Analysis

CVE has been marked for Analysis. Normally once in this state the CVE will be analyzed by NVD staff within 24 hours.

More info

Source

416baaa9-dc9f-4396-8d5f-8c081fb06d67

*Disclaimer: Some vulnerabilities do not have an associated CPE. To enhance the data, we use AI to infer CPEs based on CVE details. This is an automated process and might not always be accurate.