vulnerability
Ubuntu: (CVE-2022-50722): linux vulnerability
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:L/AC:L/Au:S/C:N/I:N/A:C) | Dec 24, 2025 | Jan 6, 2026 | Jan 6, 2026 |
Severity
5
CVSS
(AV:L/AC:L/Au:S/C:N/I:N/A:C)
Published
Dec 24, 2025
Added
Jan 6, 2026
Modified
Jan 6, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: media: ipu3-imgu: Fix NULL pointer dereference in active selection access What the IMGU driver did was that it first acquired the pointers to active and try V4L2 subdev state, and only then figured out which one to use. The problem with that approach and a later patch (see Fixes: tag) is that as sd_state argument to v4l2_subdev_get_try_crop() et al is NULL, there is now an attempt to dereference that. Fix this. Also rewrap lines a little.
Solutions
ubuntu-upgrade-linuxubuntu-upgrade-linux-awsubuntu-upgrade-linux-aws-5-15ubuntu-upgrade-linux-azureubuntu-upgrade-linux-azure-5-15ubuntu-upgrade-linux-bluefieldubuntu-upgrade-linux-gcpubuntu-upgrade-linux-gcp-5-15ubuntu-upgrade-linux-gkeubuntu-upgrade-linux-gkeopubuntu-upgrade-linux-hwe-5-15ubuntu-upgrade-linux-ibmubuntu-upgrade-linux-intel-iotgubuntu-upgrade-linux-intel-iotg-5-15ubuntu-upgrade-linux-kvmubuntu-upgrade-linux-lowlatencyubuntu-upgrade-linux-lowlatency-hwe-5-15ubuntu-upgrade-linux-nvidiaubuntu-upgrade-linux-oracleubuntu-upgrade-linux-oracle-5-15ubuntu-upgrade-linux-raspiubuntu-upgrade-linux-realtimeubuntu-upgrade-linux-riscv-5-15
References
- CVE-2022-50722
- https://attackerkb.com/topics/CVE-2022-50722
- URL-https://git.kernel.org/stable/c/5265cc1202a31f7097691c3483a0d60d624424a5
- URL-https://git.kernel.org/stable/c/740717b756c17190dc2d2ad4c6de1e63f214e0c9
- URL-https://git.kernel.org/stable/c/b9eb3ab6f30bf32f7326909f17949ccb11bab514
- URL-https://www.cve.org/CVERecord?id=CVE-2022-50722
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.