1. Home
  2. Vulnerabilities
  3. CVE-2022-50757
0.0
NA
CVE-2022-50757
media: camss: Clean up received buffers on failed start of streaming
Description

In the Linux kernel, the following vulnerability has been resolved: media: camss: Clean up received buffers on failed start of streaming It is required to return the received buffers, if streaming can not be started. For instance media_pipeline_start() may fail with EPIPE, if a link validation between entities is not passed, and in such a case a user gets a kernel warning: WARNING: CPU: 1 PID: 520 at drivers/media/common/videobuf2/videobuf2-core.c:1592 vb2_start_streaming+0xec/0x160 <snip> Call trace: vb2_start_streaming+0xec/0x160 vb2_core_streamon+0x9c/0x1a0 vb2_ioctl_streamon+0x68/0xbc v4l_streamon+0x30/0x3c __video_do_ioctl+0x184/0x3e0 video_usercopy+0x37c/0x7b0 video_ioctl2+0x24/0x40 v4l2_ioctl+0x4c/0x70 The fix is to correct the error path in video_start_streaming() of camss.

INFO

Published Date :

Dec. 24, 2025, 1:16 p.m.

Last Modified :

Dec. 24, 2025, 1:16 p.m.

Remotely Exploit :

No

Source :

416baaa9-dc9f-4396-8d5f-8c081fb06d67
Affected Products

The following products are affected by CVE-2022-50757 vulnerability. Even if cvefeed.io is aware of the exact versions of the products that are affected, the information is not represented in the table below.

No affected product recoded yet

: Total Affected Vendor : 0 | Products : 0
Solution
Apply the kernel patch to fix buffer handling issues when streaming fails.
  • Apply the Linux kernel patch to the camss driver.
  • Ensure streaming startup error paths are handled correctly.
  • Review media pipeline error handling logic.
References to Advisories, Solutions, and Tools

Here, you will find a curated list of external links that provide in-depth information, practical solutions, and valuable tools related to CVE-2022-50757.

URL Resource
https://git.kernel.org/stable/c/04c734c716a97f1493b1edac41316aaed1d2a9d9
https://git.kernel.org/stable/c/24df4fa3e795fb4b15fd4d3c036596e0978d265a
https://git.kernel.org/stable/c/3d5cab726e3b370fea1b6e67183f0e13c409ce5c
https://git.kernel.org/stable/c/75954cde8a5ca84003b24b6bf83197240935bd74
https://git.kernel.org/stable/c/c8f3582345e6a69da65ab588f7c4c2d1685b0e80
https://git.kernel.org/stable/c/d1c44928bb3ca0ec88e7ad5937a2a26a259aede6
https://git.kernel.org/stable/c/f05326a440dc31b91b688b2f3f15b7347894a50b
https://git.kernel.org/stable/c/fe443b3fe36cd23d4f5dc6d825d34322e7c89f0c
CWE - Common Weakness Enumeration

While CVE identifies specific instances of vulnerabilities, CWE categorizes the common flaws or weaknesses that can lead to vulnerabilities. CVE-2022-50757 is associated with the following CWEs:

Common Attack Pattern Enumeration and Classification (CAPEC)

Common Attack Pattern Enumeration and Classification (CAPEC) stores attack patterns, which are descriptions of the common attributes and approaches employed by adversaries to exploit the CVE-2022-50757 weaknesses.

We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).

Results are limited to the first 15 repositories due to potential performance issues.

The following list is the news that have been mention CVE-2022-50757 vulnerability anywhere in the article.

Results are limited to the first 20 news articles due to potential performance issues.

The following table lists the changes that have been made to the CVE-2022-50757 vulnerability over time.

Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.

  • New CVE Received by 416baaa9-dc9f-4396-8d5f-8c081fb06d67

    Dec. 24, 2025

    Action Type Old Value New Value
    Added Description In the Linux kernel, the following vulnerability has been resolved: media: camss: Clean up received buffers on failed start of streaming It is required to return the received buffers, if streaming can not be started. For instance media_pipeline_start() may fail with EPIPE, if a link validation between entities is not passed, and in such a case a user gets a kernel warning: WARNING: CPU: 1 PID: 520 at drivers/media/common/videobuf2/videobuf2-core.c:1592 vb2_start_streaming+0xec/0x160 <snip> Call trace: vb2_start_streaming+0xec/0x160 vb2_core_streamon+0x9c/0x1a0 vb2_ioctl_streamon+0x68/0xbc v4l_streamon+0x30/0x3c __video_do_ioctl+0x184/0x3e0 video_usercopy+0x37c/0x7b0 video_ioctl2+0x24/0x40 v4l2_ioctl+0x4c/0x70 The fix is to correct the error path in video_start_streaming() of camss.
    Added Reference https://git.kernel.org/stable/c/04c734c716a97f1493b1edac41316aaed1d2a9d9
    Added Reference https://git.kernel.org/stable/c/24df4fa3e795fb4b15fd4d3c036596e0978d265a
    Added Reference https://git.kernel.org/stable/c/3d5cab726e3b370fea1b6e67183f0e13c409ce5c
    Added Reference https://git.kernel.org/stable/c/75954cde8a5ca84003b24b6bf83197240935bd74
    Added Reference https://git.kernel.org/stable/c/c8f3582345e6a69da65ab588f7c4c2d1685b0e80
    Added Reference https://git.kernel.org/stable/c/d1c44928bb3ca0ec88e7ad5937a2a26a259aede6
    Added Reference https://git.kernel.org/stable/c/f05326a440dc31b91b688b2f3f15b7347894a50b
    Added Reference https://git.kernel.org/stable/c/fe443b3fe36cd23d4f5dc6d825d34322e7c89f0c
EPSS is a daily estimate of the probability of exploitation activity being observed over the next 30 days. Following chart shows the EPSS score history of the vulnerability.
Vulnerability Scoring Details
No CVSS metrics available for this vulnerability.