#VU120791 NULL pointer dereference in Linux kernel - CVE-2022-50879
Published: December 30, 2025 / Updated: December 30, 2025
Vulnerability identifier: #VU120791
Vulnerability risk: Low
CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2022-50879
CWE-ID: CWE-476
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vulnerable software:
Linux kernel
Linux kernel
Software vendor:
Linux Foundation
Linux Foundation
Description
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the __dead_end_function() function in tools/objtool/check.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's repository.
External links
- https://git.kernel.org/stable/c/0af0e115ff59d638f45416a004cdd8edb38db40c
- https://git.kernel.org/stable/c/23a249b1185cdd5bfb6971d1608ba49e589f2288
- https://git.kernel.org/stable/c/38b9415abbd703438ebbc6fb74990bd0fbddc5b9
- https://git.kernel.org/stable/c/418ef921cce2d7415fab7e3e93529227f239e4bb
- https://git.kernel.org/stable/c/efb11fdb3e1a9f694fa12b70b21e69e55ec59c36
- https://git.kernel.org/stable/c/fcee8a2d4db404a93e690d79e7273b6ef9d33575
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.3