SB20251230244 - NULL pointer dereference in Linux kernel dma-buf driver
Published: December 30, 2025 Updated: December 30, 2025
Security Bulletin ID
SB20251230244
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) NULL pointer dereference (CVE-ID: CVE-2022-50819)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the begin_cpu_udmabuf() function in drivers/dma-buf/udmabuf.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/9861e43f097a50678041f973347b3a88f2da09cf
- https://git.kernel.org/stable/c/bbe2f6f90310b3a0b5de4e0dc022b36faabfd718
- https://git.kernel.org/stable/c/d9c04a1b7a15b5e74b2977461d9511e497f05d8f
- https://git.kernel.org/stable/c/dfbed8c92eb853929f4fa676ba493391dab47be4
- https://git.kernel.org/stable/c/fc285549f454c0f50f87ec945fc0bf44719c0fa4
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.19.17