CVE-2022-50190
- Source
- https://cve.org/CVERecord?id=CVE-2022-50190
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-50190.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2022-50190
- Downstream
- Related
- Published
- 2025-06-18T11:03:36.320Z
- Modified
- 2026-03-20T12:24:56.341989Z
- Summary
- spi: Fix simplification of devm_spi_register_controller
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
spi: Fix simplification of devmspiregister_controller
This reverts commit 59ebbe40fb51 ("spi: simplify devmspiregister_controller").
If devmaddaction() fails in devmaddactionorreset(), devmspiunregister() will be called, it decreases the refcount of 'ctlr->dev' to 0, then it will cause uaf in the drivers that calling spiputcontroller() in error path.
- Database specific
{ "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/50xxx/CVE-2022-50190.json", "cna_assigner": "Linux" }- References
-
- https://git.kernel.org/stable/c/34bab623ebfc08398499e463396b81abb4abe01e
- https://git.kernel.org/stable/c/3c6bd448442b6c3f6843ac70d57201a13478dd47
- https://git.kernel.org/stable/c/43cc5a0afe4184a7fafe1eba32b5a11bb69c9ce0
- https://git.kernel.org/stable/c/445fb9c19cf45bd9472fd9babaa31c5e6c7d2720
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/50xxx/CVE-2022-50190.json
- https://nvd.nist.gov/vuln/detail/CVE-2022-50190
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced59ebbe40fb51e307032ae7f63b2749fad2d4635aFixed445fb9c19cf45bd9472fd9babaa31c5e6c7d2720Fixed34bab623ebfc08398499e463396b81abb4abe01eFixed3c6bd448442b6c3f6843ac70d57201a13478dd47Fixed43cc5a0afe4184a7fafe1eba32b5a11bb69c9ce0