CVE & CISA-KEV Catalog

CVE-2022-50047

MEDIUM
5.5
CVSS v3
NVD

Description

In the Linux kernel, the following vulnerability has been resolved: net: dsa: mv88e6060: prevent crash on an unused port If the port isn't a CPU port nor a user port, 'cpu_dp' is a null pointer and a crash happened on dereferencing it in mv88e6060_setup_port(): [ 9.575872] Unable to handle kernel NULL pointer dereference at virtual address 00000014 ... [ 9.942216] mv88e6060_setup from dsa_register_switch+0x814/0xe84 [ 9.948616] dsa_register_switch from mdio_probe+0x2c/0x54 [ 9.954433] mdio_probe from really_probe.part.0+0x98/0x2a0 [ 9.960375] really_probe.part.0 from driver_probe_device+0x30/0x10c [ 9.967029] driver_probe_device from __device_attach_driver+0xb8/0x13c [ 9.973946] __device_attach_driver from bus_for_each_drv+0x90/0xe0 [ 9.980509] bus_for_each_drv from __device_attach+0x110/0x184 [ 9.986632] __device_attach from bus_probe_device+0x8c/0x94 [ 9.992577] bus_probe_device from deferred_probe_work_func+0x78/0xa8 [ 9.999311] deferred_probe_work_func from process_one_work+0x290/0x73c [ 10.006292] process_one_work from worker_thread+0x30/0x4b8 [ 10.012155] worker_thread from kthread+0xd4/0x10c [ 10.017238] kthread from ret_from_fork+0x14/0x3c

How to fix

Remediation Available
linuxDebian
Fixed in:5.10.140-1CVE-2022-50047
Fixed in:6.0.2-1CVE-2022-50047
Fixed in:6.0.2-1CVE-2022-50047
Fixed in:6.0.2-1CVE-2022-50047

Remediation is compiled from vendor and distribution security advisories. Always confirm against the linked source for your exact version and platform.

CVSS v3 Vector

Exploitability

Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged

Impact

ConfidentialityNone
IntegrityNone
AvailabilityHigh

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Exploit Intelligence

0.15%probability of exploitation in 30 days
5thpercentile

Low risk: more likely to be exploited than 5% of all known CVEs.

References

Related Vulnerabilities

Other CWE-476 (NULL Pointer Dereference) vulnerabilities, ordered by exploit likelihood. View all

CVESeverityCVSSEPSSExploitedFix
CVE-2023-21758High7.592%-Fix
CVE-2023-21547High7.588%-Fix
CVE-2014-3470Medium4.386%-Fix
CVE-2021-44224High8.282%-Fix
CVE-2016-0742High7.582%-Fix
CVE-2009-1386Medium5.080%-Fix
Embed a live status badge for CVE-2022-50047
CVE-2022-50047 severity badge

Markdown

[![CVE-2022-50047](https://tridentstack.com/cve/badge/CVE-2022-50047.svg)](https://tridentstack.com/cve/CVE-2022-50047)

HTML

<a href="https://tridentstack.com/cve/CVE-2022-50047"><img src="https://tridentstack.com/cve/badge/CVE-2022-50047.svg" alt="CVE-2022-50047"></a>

Find and fix vulnerabilities across your fleet

TridentStack Control continuously scans your Windows, macOS, and Linux fleet for known vulnerabilities, prioritizes them by severity and active exploitation, and patches them automatically.

Start free

This product uses NVD data but is not endorsed or certified by the NVD. EPSS scores courtesy of FIRST.org (https://www.first.org/epss). Source: CISA KEV Catalog. Data as of 2025-11-13.