1. Home
  2. Vulnerabilities
  3. CVE-2022-50411
0.0
NA
CVE-2022-50411
ACPICA: Fix error code path in acpi_ds_call_control_method()
Description

In the Linux kernel, the following vulnerability has been resolved: ACPICA: Fix error code path in acpi_ds_call_control_method() A use-after-free in acpi_ps_parse_aml() after a failing invocaion of acpi_ds_call_control_method() is reported by KASAN [1] and code inspection reveals that next_walk_state pushed to the thread by acpi_ds_create_walk_state() is freed on errors, but it is not popped from the thread beforehand. Thus acpi_ds_get_current_walk_state() called by acpi_ps_parse_aml() subsequently returns it as the new walk state which is incorrect. To address this, make acpi_ds_call_control_method() call acpi_ds_pop_walk_state() to pop next_walk_state from the thread before returning an error.

INFO

Published Date :

Sept. 18, 2025, 4:15 p.m.

Last Modified :

Sept. 18, 2025, 4:15 p.m.

Remotely Exploit :

No

Source :

416baaa9-dc9f-4396-8d5f-8c081fb06d67
Affected Products

The following products are affected by CVE-2022-50411 vulnerability. Even if cvefeed.io is aware of the exact versions of the products that are affected, the information is not represented in the table below.

No affected product recoded yet

: Total Affected Vendor : 0 | Products : 0
Solution
Apply the ACPICA fix to prevent use-after-free in acpi_ps_parse_aml().
  • Update the Linux kernel with the ACPICA fix.
  • Ensure acpi_ds_call_control_method() pops walk state before error return.
  • Verify the fix addresses the use-after-free vulnerability.
References to Advisories, Solutions, and Tools

Here, you will find a curated list of external links that provide in-depth information, practical solutions, and valuable tools related to CVE-2022-50411.

URL Resource
https://git.kernel.org/stable/c/0462fec709d51762ba486245bc344f44cc6cfa97
https://git.kernel.org/stable/c/2deb42c4f9776e59bee247c14af9c5e8c05ca9a6
https://git.kernel.org/stable/c/38e251d356a01b61a86cb35213cafd7e8fe7090c
https://git.kernel.org/stable/c/404ec60438add1afadaffaed34bb5fe4ddcadd40
https://git.kernel.org/stable/c/5777432ebaaf797e24f059979b42df3139967163
https://git.kernel.org/stable/c/799881db3e03b5e98fe6a900d9d7de8c7d61e7ee
https://git.kernel.org/stable/c/9ef353c92f9d04c88de3af1a46859c1fb76db0f8
https://git.kernel.org/stable/c/b0b83d3f3ffa96e8395c56b83d6197e184902a34
https://git.kernel.org/stable/c/f520d181477ec29a496c0b3bbfbdb7e2606c2713
CWE - Common Weakness Enumeration

While CVE identifies specific instances of vulnerabilities, CWE categorizes the common flaws or weaknesses that can lead to vulnerabilities. CVE-2022-50411 is associated with the following CWEs:

Common Attack Pattern Enumeration and Classification (CAPEC)

Common Attack Pattern Enumeration and Classification (CAPEC) stores attack patterns, which are descriptions of the common attributes and approaches employed by adversaries to exploit the CVE-2022-50411 weaknesses.

We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).

Results are limited to the first 15 repositories due to potential performance issues.

The following list is the news that have been mention CVE-2022-50411 vulnerability anywhere in the article.

Results are limited to the first 20 news articles due to potential performance issues.

The following table lists the changes that have been made to the CVE-2022-50411 vulnerability over time.

Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.

  • New CVE Received by 416baaa9-dc9f-4396-8d5f-8c081fb06d67

    Sep. 18, 2025

    Action Type Old Value New Value
    Added Description In the Linux kernel, the following vulnerability has been resolved: ACPICA: Fix error code path in acpi_ds_call_control_method() A use-after-free in acpi_ps_parse_aml() after a failing invocaion of acpi_ds_call_control_method() is reported by KASAN [1] and code inspection reveals that next_walk_state pushed to the thread by acpi_ds_create_walk_state() is freed on errors, but it is not popped from the thread beforehand. Thus acpi_ds_get_current_walk_state() called by acpi_ps_parse_aml() subsequently returns it as the new walk state which is incorrect. To address this, make acpi_ds_call_control_method() call acpi_ds_pop_walk_state() to pop next_walk_state from the thread before returning an error.
    Added Reference https://git.kernel.org/stable/c/0462fec709d51762ba486245bc344f44cc6cfa97
    Added Reference https://git.kernel.org/stable/c/2deb42c4f9776e59bee247c14af9c5e8c05ca9a6
    Added Reference https://git.kernel.org/stable/c/38e251d356a01b61a86cb35213cafd7e8fe7090c
    Added Reference https://git.kernel.org/stable/c/404ec60438add1afadaffaed34bb5fe4ddcadd40
    Added Reference https://git.kernel.org/stable/c/5777432ebaaf797e24f059979b42df3139967163
    Added Reference https://git.kernel.org/stable/c/799881db3e03b5e98fe6a900d9d7de8c7d61e7ee
    Added Reference https://git.kernel.org/stable/c/9ef353c92f9d04c88de3af1a46859c1fb76db0f8
    Added Reference https://git.kernel.org/stable/c/b0b83d3f3ffa96e8395c56b83d6197e184902a34
    Added Reference https://git.kernel.org/stable/c/f520d181477ec29a496c0b3bbfbdb7e2606c2713
EPSS is a daily estimate of the probability of exploitation activity being observed over the next 30 days. Following chart shows the EPSS score history of the vulnerability.
Vulnerability Scoring Details
No CVSS metrics available for this vulnerability.