CVE-2022-50558

{"id": "CVE-2022-50558", "cveTags": [], "metrics": {}, "published": "2025-10-22T14:15:40.513", "references": [{"url": "https://git.kernel.org/stable/c/57bb34330c0fc70bb4ab96399a3c1b80e73e9d49", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/84498d1fb35de6ab71bdfdb6270a464fb4a0951b", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/961db32e52f4d34a9a95939a30393fd190397f84", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}], "vulnStatus": "Awaiting Analysis", "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nregmap-irq: Use the new num_config_regs property in regmap_add_irq_chip_fwnode\n\nCommit faa87ce9196d (\"regmap-irq: Introduce config registers for irq\ntypes\") added the num_config_regs, then commit 9edd4f5aee84 (\"regmap-irq:\nDeprecate type registers and virtual registers\") suggested to replace\nnum_type_reg with it. However, regmap_add_irq_chip_fwnode wasn't modified\nto use the new property. Later on, commit 255a03bb1bb3 (\"ASoC: wcd9335:\nConvert irq chip to config regs\") removed the old num_type_reg property\nfrom the WCD9335 driver's struct regmap_irq_chip, causing a null pointer\ndereference in regmap_irq_set_type when it tried to index d->type_buf as\nit was never allocated in regmap_add_irq_chip_fwnode:\n\n[ 39.199374] Unable to handle kernel NULL pointer dereference at virtual address 0000000000000000\n\n[ 39.200006] Call trace:\n[ 39.200014] regmap_irq_set_type+0x84/0x1c0\n[ 39.200026] __irq_set_trigger+0x60/0x1c0\n[ 39.200040] __setup_irq+0x2f4/0x78c\n[ 39.200051] request_threaded_irq+0xe8/0x1a0\n\nUse num_config_regs in regmap_add_irq_chip_fwnode instead of num_type_reg,\nand fall back to it if num_config_regs isn't defined to maintain backward\ncompatibility."}], "lastModified": "2025-10-22T21:12:48.953", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}