{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2022-50192","assignerOrgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","state":"PUBLISHED","assignerShortName":"Linux","dateReserved":"2025-06-18T10:57:27.428Z","datePublished":"2025-06-18T11:03:37.549Z","dateUpdated":"2026-05-11T19:14:34.267Z"},"containers":{"cna":{"providerMetadata":{"orgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","shortName":"Linux","dateUpdated":"2026-05-11T19:14:34.267Z"},"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nspi: tegra20-slink: fix UAF in tegra_slink_remove()\n\nAfter calling spi_unregister_master(), the refcount of master will\nbe decrease to 0, and it will be freed in spi_controller_release(),\nthe device data also will be freed, so it will lead a UAF when using\n'tspi'. To fix this, get the master before unregister and put it when\nfinish using it."}],"affected":[{"product":"Linux","vendor":"Linux","defaultStatus":"unaffected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["drivers/spi/spi-tegra20-slink.c"],"versions":[{"version":"26c863418221344b1cfb8e6c11116b2b81144281","lessThan":"415b4ce61308f24583912d887772dfcbf97f1d20","status":"affected","versionType":"git"},{"version":"26c863418221344b1cfb8e6c11116b2b81144281","lessThan":"800c7767e05d29656713e04532823a752e57e037","status":"affected","versionType":"git"},{"version":"26c863418221344b1cfb8e6c11116b2b81144281","lessThan":"67f77172644260482fdafc03b6025847944701e5","status":"affected","versionType":"git"},{"version":"26c863418221344b1cfb8e6c11116b2b81144281","lessThan":"7e9984d183bb1e99e766c5c2b950ff21f7f7b6c0","status":"affected","versionType":"git"}]},{"product":"Linux","vendor":"Linux","defaultStatus":"affected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["drivers/spi/spi-tegra20-slink.c"],"versions":[{"version":"5.15","status":"affected"},{"version":"0","lessThan":"5.15","status":"unaffected","versionType":"semver"},{"version":"5.15.61","lessThanOrEqual":"5.15.*","status":"unaffected","versionType":"semver"},{"version":"5.18.18","lessThanOrEqual":"5.18.*","status":"unaffected","versionType":"semver"},{"version":"5.19.2","lessThanOrEqual":"5.19.*","status":"unaffected","versionType":"semver"},{"version":"6.0","lessThanOrEqual":"*","status":"unaffected","versionType":"original_commit_for_fix"}]}],"cpeApplicability":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.15","versionEndExcluding":"5.15.61"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.15","versionEndExcluding":"5.18.18"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.15","versionEndExcluding":"5.19.2"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.15","versionEndExcluding":"6.0"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/415b4ce61308f24583912d887772dfcbf97f1d20"},{"url":"https://git.kernel.org/stable/c/800c7767e05d29656713e04532823a752e57e037"},{"url":"https://git.kernel.org/stable/c/67f77172644260482fdafc03b6025847944701e5"},{"url":"https://git.kernel.org/stable/c/7e9984d183bb1e99e766c5c2b950ff21f7f7b6c0"}],"title":"spi: tegra20-slink: fix UAF in tegra_slink_remove()","x_generator":{"engine":"bippy-1.2.0"}}}}