QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2022-50044

Back to search

CVE-2022-50044

Published: Jun 18, 2025

Modified: May 11, 2026

PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: net: qrtr: start MHI channel after endpoit creation MHI channel may generates event/interrupt right after enabling. It may leads to 2 race conditions issues. 1) Such event may be dropped by qcom_mhi_qrtr_dl_callback() at check: if (!qdev || mhi_res->transaction_status) return; Because dev_set_drvdata(&mhi_dev->dev, qdev) may be not performed at this moment. In this situation qrtr-ns will be unable to enumerate services in device. --------------------------------------------------------------- 2) Such event may come at the moment after dev_set_drvdata() and before qrtr_endpoint_register(). In this case kernel will panic with accessing wrong pointer at qcom_mhi_qrtr_dl_callback(): rc = qrtr_endpoint_post(&qdev->ep, mhi_res->buf_addr, mhi_res->bytes_xferd); Because endpoint is not created yet. -------------------------------------------------------------- So move mhi_prepare_for_transfer_autoqueue after endpoint creation to fix it.

VendorProductVersions

Linux

Linux

affected
a2e2cc0dbb1121dfa875da1c04f3dff966fec162 - < c682fb70a7dfc25b848a4ff3a385b0471b470606
affected
a2e2cc0dbb1121dfa875da1c04f3dff966fec162 - < a1a75f78a2937567946b1b756f82462874b5ca20
affected
a2e2cc0dbb1121dfa875da1c04f3dff966fec162 - < 68a838b84effb7b57ba7d50b1863fc6ae35a54ce

Linux

Linux

affected
5.11
unaffected
0 - < 5.11
unaffected
5.15.63 - <= 5.15.*
unaffected
5.19.4 - <= 5.19.*
unaffected
6.0 - <= *

References

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now