What is CVE-2022-50757?

CVE-2022-50757 is a unscored severity Linux kernel vulnerability, affecting Linux kernel versions from 4.14 onward and patched in 4.14.303, 4.19.270, 5.4.229 and others. CVE-2022-50757 has not been confirmed as actively exploited and is not listed in the CISA KEV catalog.

What is the CVSS score for CVE-2022-50757?

CVE-2022-50757 has a CVSS score of pending NVD analysis out of 10, rated awaiting scoring severity.

Is there a patch available for CVE-2022-50757?

Yes, CVE-2022-50757 has been patched. Fixed versions include 4.14.303, 4.19.270, 5.4.229 and others. If you are running Linux kernel 4.14 or later up to the fix versions, apply the relevant patch for your kernel branch.

Is CVE-2022-50757 actively exploited?

CVE-2022-50757 has not been confirmed as actively exploited and is not listed in the CISA KEV catalog.

CVE-2022-50757

In the Linux kernel, the following vulnerability has been resolved: media: camss: Clean up received buffers on failed start of streaming It is required to return the received buffers, if streaming can not be started. For instance media_pipeline_start() may fail with EPIPE, if a link validation between entities is not passed, and in such a case a user gets a kernel warning: WARNING: CPU: 1 PID: 520 at drivers/media/common/videobuf2/videobuf2-core.c:1592 vb2_start_streaming+0xec/0x160 <snip> Call trace: vb2_start_streaming+0xec/0x160 vb2_core_streamon+0x9c/0x1a0 vb2_ioctl_streamon+0x68/0xbc v4l_streamon+0x30/0x3c __video_do_ioctl+0x184/0x3e0 video_usercopy+0x37c/0x7b0 video_ioctl2+0x24/0x40 v4l2_ioctl+0x4c/0x70 The fix is to correct the error path in video_start_streaming() of camss.

Package Linux Kernel

Published 2025-12-24

Last modified 2026-04-15

Patch available

Yes

Affected versions

Linux kernel versions 4.14 and later are affected. Fixed in 4.14.303, 4.19.270, 5.4.229, 5.10.163, 5.15.86, 6.0.16, 6.1.2, 6.2 and their respective stable series.

Affected from

≥ 4.14

Fixed in

✓ 4.14.303 4.14.x ✓ 4.19.270 4.19.x ✓ 5.4.229 5.4.x ✓ 5.10.163 5.10.x ✓ 5.15.86 5.15.x ✓ 6.0.16 6.0.x ✓ 6.1.2 6.1.x ✓ 6.2

References

The following references provide additional information about CVE-2022-50757 including vendor advisories, patch commits, exploit details, and third-party analysis. Links are sourced from the NIST NVD database.

Kernel patch commit
https://git.kernel.org/stable/c/04c734c716a97f1493b1edac41316aaed1d2a9d9
Patch
Kernel patch commit
https://git.kernel.org/stable/c/24df4fa3e795fb4b15fd4d3c036596e0978d265a
Patch
Kernel patch commit
https://git.kernel.org/stable/c/3d5cab726e3b370fea1b6e67183f0e13c409ce5c
Patch

8 patch commits total View all on NVD

Frequently asked questions

What is CVE-2022-50757?

CVE-2022-50757 is a unscored severity Linux kernel vulnerability . It affects Linux kernel versions from 4.14 onward and has been patched in 4.14.303, 4.19.270, 5.4.229 and others. CVE-2022-50757 has not been confirmed as actively exploited and is not listed in the CISA KEV catalog.
Is there a patch available for CVE-2022-50757?

Yes — CVE-2022-50757 has been patched. Fixed versions include 4.14.303, 4.19.270, 5.4.229 and others. If you are running Linux kernel 4.14 or later up to the fix versions, apply the relevant patch for your kernel branch.
Is CVE-2022-50757 actively exploited?

No — CVE-2022-50757 has not been confirmed as actively exploited. It is not listed in the CISA Known Exploited Vulnerabilities (KEV) catalog.