What is CVE-2022-50558?

CVE-2022-50558 is a unscored severity Linux kernel vulnerability, affecting Linux kernel versions from 6.0 onward and patched in 6.0.16, 6.1.2 and 6.2. CVE-2022-50558 has not been confirmed as actively exploited and is not listed in the CISA KEV catalog.

What is the CVSS score for CVE-2022-50558?

CVE-2022-50558 has a CVSS score of pending NVD analysis out of 10, rated awaiting scoring severity.

Is there a patch available for CVE-2022-50558?

Yes, CVE-2022-50558 has been patched. Fixed versions include 6.0.16, 6.1.2 and 6.2. If you are running Linux kernel 6.0 or later up to the fix versions, apply the relevant patch for your kernel branch.

Is CVE-2022-50558 actively exploited?

CVE-2022-50558 has not been confirmed as actively exploited and is not listed in the CISA KEV catalog.

CVE-2022-50558

In the Linux kernel, the following vulnerability has been resolved: regmap-irq: Use the new num_config_regs property in regmap_add_irq_chip_fwnode Commit faa87ce9196d ("regmap-irq: Introduce config registers for irq types") added the num_config_regs, then commit 9edd4f5aee84 ("regmap-irq: Deprecate type registers and virtual registers") suggested to replace num_type_reg with it. However, regmap_add_irq_chip_fwnode wasn't modified to use the new property. Later on, commit 255a03bb1bb3 ("ASoC: wcd9335: Convert irq chip to config regs") removed the old num_type_reg property from the WCD9335 driver's struct regmap_irq_chip, causing a null pointer dereference in regmap_irq_set_type when it tried to index d->type_buf as it was never allocated in regmap_add_irq_chip_fwnode: [ 39.199374] Unable to handle kernel NULL pointer dereference at virtual address 0000000000000000 [ 39.200006] Call trace: [ 39.200014] regmap_irq_set_type+0x84/0x1c0 [ 39.200026] __irq_set_trigger+0x60/0x1c0 [ 39.200040] __setup_irq+0x2f4/0x78c [ 39.200051] request_threaded_irq+0xe8/0x1a0 Use num_config_regs in regmap_add_irq_chip_fwnode instead of num_type_reg, and fall back to it if num_config_regs isn't defined to maintain backward compatibility.

Package Linux Kernel

Published 2025-10-22

Last modified 2026-04-15

Patch available

Yes

Affected versions

Linux kernel versions 6.0 and later are affected. Fixed in 6.0.16, 6.1.2, 6.2 and their respective stable series.

Affected from

≥ 6.0

Fixed in

✓ 6.0.16 6.0.x ✓ 6.1.2 6.1.x ✓ 6.2

References

The following references provide additional information about CVE-2022-50558 including vendor advisories, patch commits, exploit details, and third-party analysis. Links are sourced from the NIST NVD database.

Kernel patch commit
https://git.kernel.org/stable/c/57bb34330c0fc70bb4ab96399a3c1b80e73e9d49
Patch
Kernel patch commit
https://git.kernel.org/stable/c/84498d1fb35de6ab71bdfdb6270a464fb4a0951b
Patch
Kernel patch commit
https://git.kernel.org/stable/c/961db32e52f4d34a9a95939a30393fd190397f84
Patch

Frequently asked questions

What is CVE-2022-50558?

CVE-2022-50558 is a unscored severity Linux kernel vulnerability . It affects Linux kernel versions from 6.0 onward and has been patched in 6.0.16, 6.1.2 and 6.2. CVE-2022-50558 has not been confirmed as actively exploited and is not listed in the CISA KEV catalog.
Is there a patch available for CVE-2022-50558?

Yes — CVE-2022-50558 has been patched. Fixed versions include 6.0.16, 6.1.2 and 6.2. If you are running Linux kernel 6.0 or later up to the fix versions, apply the relevant patch for your kernel branch.
Is CVE-2022-50558 actively exploited?

No — CVE-2022-50558 has not been confirmed as actively exploited. It is not listed in the CISA Known Exploited Vulnerabilities (KEV) catalog.