CVE-2022-50282

CVSS v2.0

6.0

Medium

Vector

AV:L/AC:H/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.1.0-rc2-00005-g307c1086d7c9

Description The Linux kernel contains an issue in cdev device add() related to error handling. Specifically, if device add() is injected with a fault and returns an error, and dev->devt is not set, cdev add() is not called, and cdev del() is unnecessarily attempted. This can lead to a null pointer dereference. The issue occurs during fault injection testing.

Recommendations Update to Linux kernel version 6.1.0-rc2-00005-g307c1086d7c9 or a later version to resolve this issue.

Exploit

Fix

Use of Uninitialized Resource

Improper Initialization

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-908CWE-665

Related Identifiers

BDU:2026-06076

CVE-2022-50282

SUSE-SU-2025:03614-1

SUSE-SU-2025:03615-1

SUSE-SU-2025:03628-1

SUSE-SU-2025:3716-1

SUSE-SU-2025:3761-1

SUSE-SU-2026:0350-1

SUSE-SU-2026:0369-1

Affected Products

Astra Linux

Linux Kernel

Suse

CVE-2022-50282

Weakness Enumeration

Related Identifiers

Affected Products

References · 1139