CVE-2022-50190

Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
18/06/2025
Last modified:
18/06/2025

Description

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> spi: Fix simplification of devm_spi_register_controller<br /> <br /> This reverts commit 59ebbe40fb51 ("spi: simplify<br /> devm_spi_register_controller").<br /> <br /> If devm_add_action() fails in devm_add_action_or_reset(),<br /> devm_spi_unregister() will be called, it decreases the<br /> refcount of &amp;#39;ctlr-&gt;dev&amp;#39; to 0, then it will cause uaf in<br /> the drivers that calling spi_put_controller() in error path.

Impact