CVE-2022-50489

drm/mipi-dsi: Detach devices when removing the host

Severity Score

5.5

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

In the Linux kernel, the following vulnerability has been resolved: drm/mipi-dsi: Detach devices when removing the host Whenever the MIPI-DSI host is unregistered, the code of
mipi_dsi_host_unregister() loops over every device currently found on that
bus and will unregister it. However, it doesn't detach it from the bus first, which leads to all kind
of resource leaks if the host wants to perform some clean up whenever a
device is detached.

In the Linux kernel, the following vulnerability has been resolved: drm/mipi-dsi: Detach devices when removing the host Whenever the MIPI-DSI host is unregistered, the code of mipi_dsi_host_unregister() loops over every device currently found on that bus and will unregister it. However, it doesn't detach it from the bus first, which leads to all kind of resource leaks if the host wants to perform some clean up whenever a device is detached.

The SUSE Linux Enterprise 15 SP5 RT kernel was updated to fix various security issues.

*Credits: N/A

CVSS Scores

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

None

Availability

High

Attack Vector

Local

Attack Complexity

Low

Authentication

None

Confidentiality

None

Integrity

None

Availability

Complete

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2025-10-04 CVE Reserved
2025-10-04 CVE Published
2026-04-30 EPSS Updated
2026-05-11 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-459: Incomplete Cleanup

CAPEC

References (12)

URL	Tag	Source
https://git.kernel.org/stable/c/068a00233969833f1ba925e7627797489efd6041	Vuln. Introduced

URL	Date	SRC

URL	Date	SRC
https://git.kernel.org/stable/c/c202cda08cd5693645d4990ad1eb2e8068a884ec	2022-10-26
https://git.kernel.org/stable/c/262364574b05676d4b9ebde2ddd3588cd2efd8ce	2022-10-26
https://git.kernel.org/stable/c/95ae458209f5a556bba98aff872f933694914eb7	2022-10-26
https://git.kernel.org/stable/c/8242167cfc83dd7e4c96f44b45f108db9bb88146	2022-10-26
https://git.kernel.org/stable/c/45120fa5e522d444e3fc1c5a9afc5d53eed91d00	2022-10-26
https://git.kernel.org/stable/c/26c1b4cfe56f040f71a51c92da1f4cac2e3b9455	2022-10-26
https://git.kernel.org/stable/c/353ab1c13fdd6e524edde780235a8ce9b892c81c	2022-10-24
https://git.kernel.org/stable/c/6fc2cd40db1969ba372ce9536dcfcdb87271eac4	2022-10-21
https://git.kernel.org/stable/c/668a8f17b5290d04ef7343636a5588a0692731a1	2022-07-13

URL	Date	SRC
https://access.redhat.com/security/cve/CVE-2022-50489	2023-11-14
https://bugzilla.redhat.com/show_bug.cgi?id=2401549	2023-11-14

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 3.14 < 4.9.331 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.14 < 4.9.331"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 3.14 < 4.14.296 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.14 < 4.14.296"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 3.14 < 4.19.262 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.14 < 4.19.262"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 3.14 < 5.4.220 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.14 < 5.4.220"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 3.14 < 5.10.150 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.14 < 5.10.150"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 3.14 < 5.15.75 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.14 < 5.15.75"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 3.14 < 5.19.17 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.14 < 5.19.17"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 3.14 < 6.0.3 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.14 < 6.0.3"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 3.14 < 6.1 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.14 < 6.1"		en		Affected