PT-2025-26013 · Linux+6 · Linux Kernel+6

Published

2022-07-04

·

Updated

2025-11-18

·

CVE-2022-50087

CVSS v3.1

7.8

High

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)
Description The issue is related to the Linux kernel's arm scpi firmware, where the scpi info is not properly handled when the scpi probe fails. This could result in a use-after-free scenario, as the value is exported via get scpi ops() and could refer to memory allocated via devm kzalloc() but freed when the probe fails.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Use After Free

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-416

Related Identifiers

ALSA-2025:16919
ALSA-2025:16920
ALSA-2025:18281
BDU:2026-01549
CESA-2025_16919
CESA-2025_16920
CVE-2022-50087
INFSA-2025_16919
INFSA-2025_16920
INFSA-2025_18281
INFSA-2025_21112
OESA-2025-1820
RHSA-2023:6583
RHSA-2023_6583
RHSA-2025:16919
RHSA-2025:16920
RHSA-2025:17734
RHSA-2025:17735
RHSA-2025:17958
RHSA-2025:18054
RHSA-2025:18098
RHSA-2025:18281
RHSA-2025:21112
RHSA-2025_16919
RHSA-2025_16920
RHSA-2025_18281
RHSA-2025_21112
SUSE-SU-2025:02264-1
SUSE-SU-2025:02308-1
SUSE-SU-2025:02320-1
SUSE-SU-2025:02321-1
SUSE-SU-2025:02322-1
SUSE-SU-2025:02334-1
SUSE-SU-2025:02537-1
SUSE-SU-2025:2264-1
SUSE-SU-2025_02264-1
SUSE-SU-2025_02308-1
SUSE-SU-2025_02334-1
SUSE-SU-2025_02537-1

Affected Products

Almalinux
Astra Linux
Centos
Linux Kernel
Red Hat
Rocky Linux
Suse