CVE-2022-50087

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2022-50087
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-50087.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2022-50087
Downstream
Related
Published
2025-06-18T11:02:28.079Z
Modified
2026-03-20T12:24:53.096975Z
Summary
firmware: arm_scpi: Ensure scpi_info is not assigned if the probe fails
Details

In the Linux kernel, the following vulnerability has been resolved:

firmware: armscpi: Ensure scpiinfo is not assigned if the probe fails

When scpi probe fails, at any point, we need to ensure that the scpiinfo is not set and will remain NULL until the probe succeeds. If it is not taken care, then it could result use-after-free as the value is exported via getscpiops() and could refer to a memory allocated via devmkzalloc() but freed when the probe fails.

Database specific 
{
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/50xxx/CVE-2022-50087.json"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
8cb7cf56c9fe5412de238465b27ef35b4d2801aa
Fixed
5aa558232edc30468d1f35108826dd5b3ffe978f
Fixed
18048cba444a7c41dbf42c180d6b46606fc24c51
Fixed
08272646cd7c310642c39b7f54348fddd7987643
Fixed
0c29e149b6bb498778ed8a1c9597b51acfba7856
Fixed
87c4896d5dd7fd9927c814cf3c6289f41de3b562
Fixed
4f2d7b46d6b53c07f44a4f8f8f4438888f0e9e87
Fixed
689640efc0a2c4e07e6f88affe6d42cd40cc3f85

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-50087.json"