CVE-2022-50722 | THREATINT

Description

In the Linux kernel, the following vulnerability has been resolved: media: ipu3-imgu: Fix NULL pointer dereference in active selection access What the IMGU driver did was that it first acquired the pointers to active and try V4L2 subdev state, and only then figured out which one to use. The problem with that approach and a later patch (see Fixes: tag) is that as sd_state argument to v4l2_subdev_get_try_crop() et al is NULL, there is now an attempt to dereference that. Fix this. Also rewrap lines a little.

PUBLISHED Reserved 2025-12-24 | Published 2025-12-24 | Updated 2025-12-24 | Assigner Linux

Product status

Default status

unaffected

0d346d2a6f54f06f36b224fd27cd6eafe8c83be9 (git) before 5265cc1202a31f7097691c3483a0d60d624424a5

affected

0d346d2a6f54f06f36b224fd27cd6eafe8c83be9 (git) before 740717b756c17190dc2d2ad4c6de1e63f214e0c9

affected

0d346d2a6f54f06f36b224fd27cd6eafe8c83be9 (git) before b9eb3ab6f30bf32f7326909f17949ccb11bab514

affected

Default status

affected

5.14

affected

Any version before 5.14

unaffected

5.15.76 (semver)

unaffected

6.0.6 (semver)

unaffected

6.1 (original_commit_for_fix)

unaffected

References

git.kernel.org/...c/5265cc1202a31f7097691c3483a0d60d624424a5

git.kernel.org/...c/740717b756c17190dc2d2ad4c6de1e63f214e0c9

git.kernel.org/...c/b9eb3ab6f30bf32f7326909f17949ccb11bab514

cve.org (CVE-2022-50722)

nvd.nist.gov (CVE-2022-50722)

Download JSON

Data based on CVE®. Copyright © 1999-2025, The MITRE Corporation. All rights reserved.

help @ threatint.eu