CVE-2022-50181

medium

Description

In the Linux kernel, the following vulnerability has been resolved: virtio-gpu: fix a missing check to avoid NULL dereference 'cache_ent' could be set NULL inside virtio_gpu_cmd_get_capset() and it will lead to a NULL dereference by a lately use of it (i.e., ptr = cache_ent->caps_cache). Fix it with a NULL check. [ kraxel: minor codestyle fixup ]

References

https://git.kernel.org/stable/c/bd63f11f4c3c46afec07d821f74736161ff6e526

https://git.kernel.org/stable/c/adbdd21983fa292e53aec3eab97306b2961ea887

https://git.kernel.org/stable/c/39caef09666c1d8274abf9472c72bcac236dc5fb

https://git.kernel.org/stable/c/367882a5a9448b5e1ba756125308092d614cb96c

https://git.kernel.org/stable/c/259773fc874258606c0121767a4a27466ff337eb

Details

Source: Mitre, NVD

Published: 2025-06-18

Updated: 2025-06-18

Risk Information

CVSS v2

Base Score: 2.1

Vector: CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:P

Severity: Low

CVSS v3

Base Score: 5.5

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Severity: Medium

EPSS

EPSS: 0.00018