Use-After-Free Vulnerability in si470x Device Driver by Linux Kernel
CVE-2022-50542

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 7 October 2025

What is CVE-2022-50542?

The si470x device driver in the Linux kernel experienced a use-after-free vulnerability due to improper memory handling in the si470x_int_in_callback() function. This occurred when the function tried to access memory that had already been freed, specifically after the completion or failure of USB operations. To address this, a patch was implemented to ensure that memory is properly managed, especially when operations fail, thereby mitigating any potential security risks associated with the vulnerability.

Affected Version(s)

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 146bd005ebb01ae190c22af050cb98623958c373

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 8c6151b8e8dd2d98ad2cd725d26d1e103d989891

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 52f54fe78cca24850a30865037250f63eb3d5bf7

References

https://git.kernel.org/stable/c/146bd005ebb01ae190c22af05...

https://git.kernel.org/stable/c/8c6151b8e8dd2d98ad2cd725d...

https://git.kernel.org/stable/c/52f54fe78cca24850a3086503...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 7, 2025
Vulnerability Reserved
Oct 7, 2025

JSON