CVE-2022-50642

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The Linux kernel contains a flaw in the platform/chrome: cros ec typec component where stale pointers can occur after freeing memory in the cros typec get switch handles function. This happens when the function fails to obtain type-c switch handles, leaving pointers in the port structure uninitialized. These stale pointers can lead to use-after-free or double-free conditions in subsequent code execution. The issue is addressed by zeroing out all pointer fields after freeing the memory to eliminate these stale pointers.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.