CVE-2022-50190
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
18/06/2025
Last modified:
18/06/2025
Description
In the Linux kernel, the following vulnerability has been resolved:<br />
<br />
spi: Fix simplification of devm_spi_register_controller<br />
<br />
This reverts commit 59ebbe40fb51 ("spi: simplify<br />
devm_spi_register_controller").<br />
<br />
If devm_add_action() fails in devm_add_action_or_reset(),<br />
devm_spi_unregister() will be called, it decreases the<br />
refcount of &#39;ctlr->dev&#39; to 0, then it will cause uaf in<br />
the drivers that calling spi_put_controller() in error path.