CVE-2022-50473
Published: Oct 4, 2025
Modified: May 23, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: cpufreq: Init completion before kobject_init_and_add() In cpufreq_policy_alloc(), it will call uninitialed completion in cpufreq_sysfs_release() when kobject_init_and_add() fails. And that will cause a crash such as the following page fault in complete: BUG: unable to handle page fault for address: fffffffffffffff8 [..] RIP: 0010:complete+0x98/0x1f0 [..] Call Trace: kobject_put+0x1be/0x4c0 cpufreq_online.cold+0xee/0x1fd cpufreq_add_dev+0x183/0x1e0 subsys_interface_register+0x3f5/0x4e0 cpufreq_register_driver+0x3b7/0x670 acpi_cpufreq_init+0x56c/0x1000 [acpi_cpufreq] do_one_initcall+0x13d/0x780 do_init_module+0x1c3/0x630 load_module+0x6e67/0x73b0 __do_sys_finit_module+0x181/0x240 do_syscall_64+0x35/0x80 entry_SYSCALL_64_after_hwframe+0x63/0xcd
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected 4ebe36c94aed95de71a8ce6a6762226d31c938ee - < 3cdd91a9163248935720927531066b74f57aa43baffected 4ebe36c94aed95de71a8ce6a6762226d31c938ee - < e379b88a8f8cffc99b318e028705ed9e3da0e1e0affected 4ebe36c94aed95de71a8ce6a6762226d31c938ee - < 8fb4c98f20dfca1237de2e3dfdbe78d156784fd3affected 4ebe36c94aed95de71a8ce6a6762226d31c938ee - < d88540acfc7a17079021d866de914112c396edb1affected 4ebe36c94aed95de71a8ce6a6762226d31c938ee - < e7c0c943ed675b66d4bbb16c51c6a3bb58da047e+3 more versions |
Linux | Linux | affected 5.2unaffected 0 - < 5.2unaffected 5.4.229 - <= 5.4.*unaffected 5.10.163 - <= 5.10.*unaffected 5.15.87 - <= 5.15.*+3 more versions |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now