CVE-2022-50826

Published: Dic 30, 2025 Last Modified: Dic 31, 2025
ExploitDB:
Other exploit source:
Google Dorks:

Description

AI Translation Available

In the Linux kernel, the following vulnerability has been resolved:

ipu3-imgu: Fix NULL pointer dereference in imgu_subdev_set_selection()

Calling v4l2_subdev_get_try_crop() and v4l2_subdev_get_try_compose()
with a subdev state of NULL leads to a NULL pointer dereference. This
can currently happen in imgu_subdev_set_selection() when the state
passed in is NULL, as this method first gets pointers to both the 'try'
and 'active' states and only then decides which to use.

The same issue has been addressed for imgu_subdev_get_selection() with
commit 30d03a0de650 ('ipu3-imgu: Fix NULL pointer dereference in active
selection access'). However the issue still persists in
imgu_subdev_set_selection().

Therefore, apply a similar fix as done in the aforementioned commit to
imgu_subdev_set_selection(). To keep things a bit cleaner, introduce
helper functions for 'crop' and 'compose' access and use them in both
imgu_subdev_set_selection() and imgu_subdev_get_selection().

EPSS (Exploit Prediction Scoring System)

Trend Analysis

EPSS (Exploit Prediction Scoring System)

Prevede la probabilità di sfruttamento basata su intelligence sulle minacce e sulle caratteristiche della vulnerabilità.

EPSS Score
0,0003
Percentile
0,1th
Updated

EPSS Score Trend (Last 76 Days)

https://git.kernel.org/stable/c/5038ee677606106c91564f9c455…
https://git.kernel.org/stable/c/5038ee677606106c91564f9c4557d808d14bad70
https://git.kernel.org/stable/c/611d617bdb6c5d636a9861ec1c9…
https://git.kernel.org/stable/c/611d617bdb6c5d636a9861ec1c98e813fc8a5556
https://git.kernel.org/stable/c/dc608edf7d45ba0c2ad14c06ecc…
https://git.kernel.org/stable/c/dc608edf7d45ba0c2ad14c06eccd66474fec7847
https://git.kernel.org/stable/c/fa6bbb4894b9b947063c6ff9001…
https://git.kernel.org/stable/c/fa6bbb4894b9b947063c6ff90018a954c5f9f4b3