CVE-2022-50677

ipmi: fix use after free in _ipmi_destroy_user()

Severity Score

7.8

*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

In the Linux kernel, the following vulnerability has been resolved: ipmi: fix use after free in _ipmi_destroy_user() The intf_free() function frees the "intf" pointer so we cannot
dereference it again on the next line.

The SUSE Linux Enterprise 15 SP5 RT kernel was updated to fix various security issues.

*Credits: N/A

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Attack Vector

Local

Attack Complexity

Low

Authentication

None

Confidentiality

Partial

Integrity

Partial

Availability

Complete

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2025-12-09 CVE Reserved
2025-12-09 CVE Published
2025-12-09 CVE Updated
2026-04-10 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CAPEC

References (10)

URL	Tag	Source
https://git.kernel.org/stable/c/f9d405a4bd6090ffbf3bba5e2da6b44c0e013cb3	Vuln. Introduced
https://git.kernel.org/stable/c/b642ced2cad496c32ae1f62b85fc395391190820	Vuln. Introduced
https://git.kernel.org/stable/c/cbb79863fc3175ed5ac506465948b02a893a8235	Vuln. Introduced

URL	Date	SRC

URL	Date	SRC
https://git.kernel.org/stable/c/35ad87bfe330f7ef6a19f772223c63296d643172	2023-01-18
https://git.kernel.org/stable/c/d23006f2a56e11a3103de0ca8b843bf7fd7d76fc	2023-01-18
https://git.kernel.org/stable/c/f29d127b372e1b7662397d92341d9f7de198ff99	2023-01-14
https://git.kernel.org/stable/c/bfce073089cb81482521c65061835aaa6d1a6cc0	2023-01-12
https://git.kernel.org/stable/c/f7fde441198a9ecb130c3ccec91ee2131d6998ee	2023-01-07
https://git.kernel.org/stable/c/1fc9b20a7688000fcf4d7fbaa58e415a3cdda961	2023-01-07
https://git.kernel.org/stable/c/a92ce570c81dc0feaeb12a429b4bc65686d17967	2022-11-15

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.19.92 < 4.19.270 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.19.92 < 4.19.270"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.4.7 < 5.4.229 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.4.7 < 5.4.229"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.5 < 5.10.163 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.5 < 5.10.163"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.5 < 5.15.87 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.5 < 5.15.87"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.5 < 6.0.18 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.5 < 6.0.18"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.5 < 6.1.4 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.5 < 6.1.4"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.5 < 6.2 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.5 < 6.2"		en		Affected