CVE-2022-50327

medium

Description

In the Linux kernel, the following vulnerability has been resolved: ACPI: processor: idle: Check acpi_fetch_acpi_dev() return value The return value of acpi_fetch_acpi_dev() could be NULL, which would cause a NULL pointer dereference to occur in acpi_device_hid(). [ rjw: Subject and changelog edits, added empty line after if () ]

References

https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html

https://git.kernel.org/stable/c/fdee7a0acc566c4194d40a501b8a1584e86cc208

https://git.kernel.org/stable/c/b85f0e292f73f353eea915499604fbf50c8238b4

https://git.kernel.org/stable/c/ad1190744da9d812da55b76f2afce750afb0a3bd

https://git.kernel.org/stable/c/8e8b5f12ee4ab6f5d252c9ca062a4ada9554e6d9

https://git.kernel.org/stable/c/2ecd629c788bbfb96be058edade2e934d3763eaf

https://git.kernel.org/stable/c/2437513a814b3e93bd02879740a8a06e52e2cf7d

Details

Source: Mitre, NVD

Published: 2025-09-15

Updated: 2025-11-03

Risk Information

CVSS v2

Base Score: 4.9

Vector: CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C

Severity: Medium

CVSS v3

Base Score: 5.5

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Severity: Medium

EPSS

EPSS: 0.00024