#VU115514 Improper error handling in Linux kernel - CVE-2022-50282
Published: September 16, 2025 / Updated: September 22, 2025
Vulnerability identifier: #VU115514
Vulnerability risk: Low
CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2022-50282
CWE-ID: CWE-388
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vulnerable software:
Linux kernel
Linux kernel
Software vendor:
Linux Foundation
Linux Foundation
Description
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the cdev_device_add() function in fs/char_dev.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's repository.
External links
- https://git.kernel.org/stable/c/11fa7fefe3d8fac7da56bc9aa3dd5fb3081ca797
- https://git.kernel.org/stable/c/28dc61cc49c6e995121c6d86bef4b73df78dda80
- https://git.kernel.org/stable/c/34d17b39bceef25e4cf9805cd59250ae05d0a139
- https://git.kernel.org/stable/c/5d2146889fad4cb9e6c13e790d4cfd871486eca8
- https://git.kernel.org/stable/c/6acf8597c5b04f455ee0649e11e5f3bcd28f381e
- https://git.kernel.org/stable/c/85a5660491b507d33662b8e81c142e6041e642eb
- https://git.kernel.org/stable/c/b5de1eac71fec1af7723f1083d23a24789fd795c
- https://git.kernel.org/stable/c/c46db6088bccff5115674d583fef46ede80077a2
- https://git.kernel.org/stable/c/d85b5247a79355b8432bfd9ac871f96117f750d4
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.229