CVE-2022-50421

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A flaw exists in the Linux kernel’s rpmsg subsystem related to the destruction of the default endpoint. Specifically, the rpmsg dev remove() function in rpmsg core is responsible for releasing the default endpoint, but a double destroy issue can occur in rpmsg chrdev eptdev destroy(). This results in a use-after-free condition, indicated by a warning in ept->refcount. The issue is reproducible when stopping remoteproc before closing the /dev/rpmsgX device. The vulnerable function is rpmsg dev remove().

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.