CVE-2022-50473

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A flaw exists in the Linux kernel related to the cpufreq subsystem. Specifically, in cpufreq policy alloc(), an uninitialized completion is called within cpufreq sysfs release() when kobject init and add() fails. This can lead to a crash, such as a page fault occurring in the complete function. The issue arises from attempting to use a completion variable before it has been properly initialized, potentially causing system instability.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Use of Uninitialized Resource

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-908CWE-909CWE-119

Related Identifiers

BDU:2026-03584

CESA-2020_1769

CESA-2023_7077

CVE-2022-50473

RHSA-2020:1769

RHSA-2020_1769

RHSA-2023:6583

RHSA-2023:7077

RHSA-2023_6583

RHSA-2023_7077

Affected Products

Centos

Linux Kernel

Red Hat

CVE-2022-50473

Weakness Enumeration

Related Identifiers

Affected Products

References · 21