ghsa-8wrr-6rrg-3vch
Vulnerability from github
Published
2025-09-18 18:30
Modified
2025-09-18 18:30
Details

In the Linux kernel, the following vulnerability has been resolved:

parisc: led: Fix potential null-ptr-deref in start_task()

start_task() calls create_singlethread_workqueue() and not checked the ret value, which may return NULL. And a null-ptr-deref may happen:

start_task() create_singlethread_workqueue() # failed, led_wq is NULL queue_delayed_work() queue_delayed_work_on() __queue_delayed_work() # warning here, but continue __queue_work() # access wq->flags, null-ptr-deref

Check the ret value and return -ENOMEM if it is NULL.

Show details on source website

To clipboard 

{
  "affected": [],
  "aliases": [
    "CVE-2022-50415"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-09-18T16:15:44Z",
    "severity": null
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nparisc: led: Fix potential null-ptr-deref in start_task()\n\nstart_task() calls create_singlethread_workqueue() and not checked the\nret value, which may return NULL. And a null-ptr-deref may happen:\n\nstart_task()\n    create_singlethread_workqueue() # failed, led_wq is NULL\n    queue_delayed_work()\n        queue_delayed_work_on()\n            __queue_delayed_work()  # warning here, but continue\n                __queue_work()      # access wq-\u003eflags, null-ptr-deref\n\nCheck the ret value and return -ENOMEM if it is NULL.",
  "id": "GHSA-8wrr-6rrg-3vch",
  "modified": "2025-09-18T18:30:27Z",
  "published": "2025-09-18T18:30:27Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-50415"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/3505c187b86136250b39e62c72a3a70435277af6"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/41f563ab3c33698bdfc3403c7c2e6c94e73681e4"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/5e4500454d75dd249be4695d83afa3ba0724c37e"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/67c98fec87ed76b1feb2ae810051afd88dfa9df6"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/77f8b628affaec692d83ad8bfa3520db8a0cc493"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/ac838c663ba1fd6bff35a817fd89a47ab55e88e0"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/c6db0c32f39684c89c97bc1ba1c9c4249ca09e48"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/fc307b2905a3dd75c50a53b4d87ac9c912fb7c4e"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/fc6d0f65f22040c6cc8a5ce032bf90252629de50"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.