CVE-2022-50087
Linux Kernel Firmware Use-After-Free Vulnerability in ARM SCPI
Description
In the Linux kernel, the following vulnerability has been resolved: firmware: arm_scpi: Ensure scpi_info is not assigned if the probe fails When scpi probe fails, at any point, we need to ensure that the scpi_info is not set and will remain NULL until the probe succeeds. If it is not taken care, then it could result use-after-free as the value is exported via get_scpi_ops() and could refer to a memory allocated via devm_kzalloc() but freed when the probe fails.
INFO
Published Date :
June 18, 2025, 11:15 a.m.
Last Modified :
June 18, 2025, 1:47 p.m.
Remotely Exploit :
No
Source :
416baaa9-dc9f-4396-8d5f-8c081fb06d67
Solution
- Update the affected packages.
- Reboot the system.
References to Advisories, Solutions, and Tools
Here, you will find a curated list of external links that provide in-depth
information, practical solutions, and valuable tools related to
CVE-2022-50087.
CWE - Common Weakness Enumeration
While CVE identifies
specific instances of vulnerabilities, CWE categorizes the common flaws or
weaknesses that can lead to vulnerabilities. CVE-2022-50087 is
associated with the following CWEs:
Common Attack Pattern Enumeration and Classification (CAPEC)
Common Attack Pattern Enumeration and Classification
(CAPEC)
stores attack patterns, which are descriptions of the common attributes and
approaches employed by adversaries to exploit the CVE-2022-50087
weaknesses.
We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).
Results are limited to the first 15 repositories due to potential performance issues.
The following list is the news that have been mention
CVE-2022-50087 vulnerability anywhere in the article.
The following table lists the changes that have been made to the
CVE-2022-50087 vulnerability over time.
Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.
-
New CVE Received by 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Jun. 18, 2025
Action Type Old Value New Value Added Description In the Linux kernel, the following vulnerability has been resolved: firmware: arm_scpi: Ensure scpi_info is not assigned if the probe fails When scpi probe fails, at any point, we need to ensure that the scpi_info is not set and will remain NULL until the probe succeeds. If it is not taken care, then it could result use-after-free as the value is exported via get_scpi_ops() and could refer to a memory allocated via devm_kzalloc() but freed when the probe fails. Added Reference https://git.kernel.org/stable/c/08272646cd7c310642c39b7f54348fddd7987643 Added Reference https://git.kernel.org/stable/c/0c29e149b6bb498778ed8a1c9597b51acfba7856 Added Reference https://git.kernel.org/stable/c/18048cba444a7c41dbf42c180d6b46606fc24c51 Added Reference https://git.kernel.org/stable/c/4f2d7b46d6b53c07f44a4f8f8f4438888f0e9e87 Added Reference https://git.kernel.org/stable/c/5aa558232edc30468d1f35108826dd5b3ffe978f Added Reference https://git.kernel.org/stable/c/689640efc0a2c4e07e6f88affe6d42cd40cc3f85 Added Reference https://git.kernel.org/stable/c/87c4896d5dd7fd9927c814cf3c6289f41de3b562