CVE-2022-50785

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The Linux kernel contains a use-after-free issue within the FSI (file system interface) component, specifically related to the occ functionality. The issue occurs because the device could be freed while a file descriptor is open. The resolution involves using get device and put device in the open and close functions to ensure the device remains valid during file descriptor usage. Additionally, a lock is implemented around the freeing of the device buffer, and a check is performed on the buffer before its use in the submit function.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.