Memory Dereference Issue in Linux Kernel Affects Qualcomm Q6v5 Devices
CVE-2022-50888

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 30 December 2025

What is CVE-2022-50888?

A vulnerability in the Linux kernel affects the Qualcomm Q6v5 hardware platform, specifically within the remoteproc subsystem. The issue arises in the q6v5_wcss_init_mmio() function where it may attempt to dereference a null pointer. This occurs when platform_get_resource_byname() fails and returns NULL, leading to a risk of null pointer dereference during memory mapping. Developers are advised to implement proper error checks on the return value of platform_get_resource_byname() to mitigate this risk.

Affected Version(s)

Linux 0af65b9b915e52019aee91db3e1f8b39a7ec8d08 < 098ebb9089c4eedea09333f912d105fa63377496

Linux 0af65b9b915e52019aee91db3e1f8b39a7ec8d08 < 3afa88ae9911b65702a3aca9d92ea23fe496e56f

Linux 0af65b9b915e52019aee91db3e1f8b39a7ec8d08 < 0903a87490a9ed456ac765a84dcc484c1ee42c32

References

https://git.kernel.org/stable/c/098ebb9089c4eedea09333f91...

https://git.kernel.org/stable/c/3afa88ae9911b65702a3aca9d...

https://git.kernel.org/stable/c/0903a87490a9ed456ac765a84...

Timeline

Vulnerability published
Dec 30, 2025
Vulnerability Reserved
Dec 30, 2025

JSON