Use-After-Free Vulnerability in Linux Kernel Affecting Coresight Devices
CVE-2022-50214

Currently unrated

Key Information:

Vendor

Linux
Status
Linux
Vendor
CVE Published:
18 June 2025

What is CVE-2022-50214?

A vulnerability exists in the Linux Kernel related to coresight devices that manage output connections. When a device is removed from the coresight bus, it is crucial to correctly clear the connection references to prevent memory management issues. Specifically, the function that handles the removal does not adequately clear the fwnode reference, leading to a use-after-free condition. In scenarios where device A is connected to device B, improper reference handling can result in device A attempting to access memory that has already been freed, which can trigger system instability and security concerns. This vulnerability underscores the importance of thorough memory management in complex device connection scenarios.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Linux 37ea1ffddffa63c920ce826786fe610c78f57842

Linux 37ea1ffddffa63c920ce826786fe610c78f57842 < 847b9273dd61567fb77617eabc5fa002594db062

Linux 37ea1ffddffa63c920ce826786fe610c78f57842

References

https://git.kernel.org/stable/c/e9205d8dd1cafb7cff689ef9d...
https://git.kernel.org/stable/c/847b9273dd61567fb77617eab...
https://git.kernel.org/stable/c/b49b29ee113a87997bcca0bb0...

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.