CVE-2022-50499
Published: Oct 4, 2025
Modified: May 23, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: media: dvb-core: Fix double free in dvb_register_device() In function dvb_register_device() -> dvb_register_media_device() -> dvb_create_media_entity(), dvb->entity is allocated and initialized. If the initialization fails, it frees the dvb->entity, and return an error code. The caller takes the error code and handles the error by calling dvb_media_device_free(), which unregisters the entity and frees the field again if it is not NULL. As dvb->entity may not NULLed in dvb_create_media_entity() when the allocation of dvbdev->pad fails, a double free may occur. This may also cause an Use After free in media_device_unregister_entity(). Fix this by storing NULL to dvb->entity when it is freed.
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected 9db28659aa893c68f162b11fd63bb7f6a713e52f - < 0588b12c418c3e4f927ced11f27b02ef4a5bfb07affected 1399a136127bfe1b9bb7c951d9851da62a519121 - < e9a78485b658361fab6a5547377be6c1af6f1b3daffected 4df2427a5148093987437054bb82da4d014dcd59 - < 70bc51303871159796b55ba1a8f16637b46c2511affected fcd5ce4b3936242e6679875a4d3c3acfc8743e15 - < b21f62b49ee9c3e0216d685d9cfd6003e5727271affected fcd5ce4b3936242e6679875a4d3c3acfc8743e15 - < 7dd5a68cdbbbe7fc67ba701cb52ba10d8ba149f8+11 more versions |
Linux | Linux | affected 5.4unaffected 0 - < 5.4unaffected 4.9.337 - <= 4.9.*unaffected 4.14.303 - <= 4.14.*unaffected 4.19.270 - <= 4.19.*+6 more versions |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now