CVE-2022-50722

Published: Dec 24, 2025

Modified: May 11, 2026

PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: media: ipu3-imgu: Fix NULL pointer dereference in active selection access What the IMGU driver did was that it first acquired the pointers to active and try V4L2 subdev state, and only then figured out which one to use. The problem with that approach and a later patch (see Fixes: tag) is that as sd_state argument to v4l2_subdev_get_try_crop() et al is NULL, there is now an attempt to dereference that. Fix this. Also rewrap lines a little.

Vendor	Product	Versions
Linux	Linux	affected `0d346d2a6f54f06f36b224fd27cd6eafe8c83be9 - < 5265cc1202a31f7097691c3483a0d60d624424a5` affected `0d346d2a6f54f06f36b224fd27cd6eafe8c83be9 - < 740717b756c17190dc2d2ad4c6de1e63f214e0c9` affected `0d346d2a6f54f06f36b224fd27cd6eafe8c83be9 - < b9eb3ab6f30bf32f7326909f17949ccb11bab514`
Linux	Linux	affected `5.14` unaffected `0 - < 5.14` unaffected `5.15.76 - <= 5.15.` unaffected `6.0.6 - <= 6.0.` unaffected `6.1 - <= *`

References

https://git.kernel.org/stable/c/5265cc1202a31f7097691c3483a0d60d624424a5

https://git.kernel.org/stable/c/740717b756c17190dc2d2ad4c6de1e63f214e0c9

https://git.kernel.org/stable/c/b9eb3ab6f30bf32f7326909f17949ccb11bab514

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2022-50722

Description

Affected Products

References