SB2025100858 - Use-after-free in Linux kernel radio si470x driver
Published: October 8, 2025 Updated: October 26, 2025
Security Bulletin ID
SB2025100858
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Code execution
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Use-after-free (CVE-ID: CVE-2022-50542)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the si470x_usb_driver_probe() function in drivers/media/radio/si470x/radio-si470x-usb.c. A local user can escalate privileges on the system.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/0ca298d548461d29615f9a2b1309e8dcf4a352c6
- https://git.kernel.org/stable/c/146bd005ebb01ae190c22af050cb98623958c373
- https://git.kernel.org/stable/c/1c6447d0fc68650e51586dde79b5090d9d77f13a
- https://git.kernel.org/stable/c/52f54fe78cca24850a30865037250f63eb3d5bf7
- https://git.kernel.org/stable/c/63648a7bd1a7599bcc2040a6d1792363ae4c2e1b
- https://git.kernel.org/stable/c/6c8aee0c8fcc6dda94315f7908e8fa9bc75abe75
- https://git.kernel.org/stable/c/7d21e0b1b41b21d628bf2afce777727bd4479aa5
- https://git.kernel.org/stable/c/8c6151b8e8dd2d98ad2cd725d26d1e103d989891
- https://git.kernel.org/stable/c/92b0888398e4ba51d93b618a6506781f4e3879c9
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.2