CVE-2022-50195
MediumIn the Linux kernel, the following vulnerability has been resolved: ARM: dts: qcom: replace gcc PXO with pxo_board fixed clock Replace gcc PXO phandle to pxo_board fixed clock declared in the dts. gcc driver doesn't provide PXO_SRC as it's a fixed-clock. This cause a kernel panic if any driver actually try to use it.
CVSS 3.1 score
5.5
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Affected versions
Linux kernel versions
5.14
and later are affected. Fixed in
5.19.2,
6.0
and their respective stable series.
References
The following references provide additional information about CVE-2022-50195 including vendor advisories, patch commits, exploit details, and third-party analysis. Links are sourced from the NIST NVD database.
-
PatchKernel patch commithttps://git.kernel.org/stable/c/0a4fa4ce697987b71eafce17bb198961ed9070bd
-
PatchKernel patch commithttps://git.kernel.org/stable/c/eb9e93937756a05787977875830c0dc482cb57e0
Frequently asked questions
-
What is CVE-2022-50195?
CVE-2022-50195 is a Medium severity Linux kernel vulnerability with a CVSS score of 5.5 out of 10 . It affects Linux kernel versions from 5.14 onward and has been patched in 5.19.2 and 6.0. CVE-2022-50195 has not been confirmed as actively exploited and is not listed in the CISA KEV catalog.
-
What is the CVSS score for CVE-2022-50195?
CVE-2022-50195 has a CVSS score of 5.5 out of 10, rated Medium severity (CVSS 3.1). The vector string is
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H. -
Is there a patch available for CVE-2022-50195?
Yes — CVE-2022-50195 has been patched. Fixed versions include 5.19.2 and 6.0. If you are running Linux kernel 5.14 or later up to the fix versions, apply the relevant patch for your kernel branch.
-
Is CVE-2022-50195 actively exploited?
No — CVE-2022-50195 has not been confirmed as actively exploited. It is not listed in the CISA Known Exploited Vulnerabilities (KEV) catalog.