CVE-2022-50276

medium

Description

In the Linux kernel, the following vulnerability has been resolved: power: supply: fix null pointer dereferencing in power_supply_get_battery_info when kmalloc() fail to allocate memory in kasprintf(), propname will be NULL, strcmp() called by of_get_property() will cause null pointer dereference. So return ENOMEM if kasprintf() return NULL pointer.

References

https://git.kernel.org/stable/c/d21534ab4fd7883e1c8037a76671d4e8b6ea14cb

https://git.kernel.org/stable/c/b8131efb89d9f837c9244f900f0fc2699fd1181d

https://git.kernel.org/stable/c/8ea68b4e3fa9392ef9dae303abc8735a033c280f

https://git.kernel.org/stable/c/5beadb55f4e36fafe5d6df5dcd5f85d803f3f134

https://git.kernel.org/stable/c/279af90e65cbdb3e5c4519b0043324d7876bc5ec

https://git.kernel.org/stable/c/104bb8a663451404a26331263ce5b96c34504049

Details

Source: Mitre, NVD

Published: 2025-09-15

Updated: 2025-09-15

Risk Information

CVSS v2

Base Score: 4.9

Vector: CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C

Severity: Medium

CVSS v3

Base Score: 5.5

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Severity: Medium

EPSS

EPSS: 0.00033