VYPR
← All advisories
Unrated severityNVD Advisory· Published Dec 24, 2025· Updated Apr 15, 2026

CVE-2022-50722

CVE-2022-50722

Description

In the Linux kernel, the following vulnerability has been resolved:

media: ipu3-imgu: Fix NULL pointer dereference in active selection access

What the IMGU driver did was that it first acquired the pointers to active and try V4L2 subdev state, and only then figured out which one to use.

The problem with that approach and a later patch (see Fixes: tag) is that as sd_state argument to v4l2_subdev_get_try_crop() et al is NULL, there is now an attempt to dereference that.

Fix this.

Also rewrap lines a little.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

A NULL pointer dereference in the Linux kernel's IPU3 IMGU driver occurs when accessing active V4L2 subdev state without proper validation.

Vulnerability

Overview

The vulnerability resides in the Intel IPU3 (Image Processing Unit 3) IMGU driver within the Linux kernel. The driver incorrectly acquires pointers to both active and try V4L2 subdev states before determining which one to use. When the sd_state argument passed to functions like v4l2_subdev_get_try_crop() is NULL, the subsequent dereference leads to a NULL pointer dereference [1].

Exploitation

Context

An attacker would need to trigger a code path where the IMGU driver processes a selection request with a NULL state pointer. This could occur through crafted V4L2 ioctl calls from userspace, potentially requiring local access to the video device node. No authentication is explicitly required beyond the ability to interact with the media subsystem.

Impact

Successful exploitation results in a kernel panic or denial of service (DoS) due to the NULL pointer dereference. The crash can disrupts system stability, potentially causing a crash of the affected system. No privilege escalation or data leakage is indicated by the available information.

Mitigation

The fix is included in Linux kernel stable updates. Users should apply the latest kernel patches from their distribution or update to a kernel version containing the commit referenced in [1]. No workaround is documented.

References
  1. Making sure you're not a bot!

AI Insight generated on May 19, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

1

Patches

3
5265cc1202a3
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.gitvia osv
commit
740717b756c1
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.gitvia osv
commit
b9eb3ab6f30b
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.gitvia osv
commit

Vulnerability mechanics

Generated on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.

References

3

News mentions

0

No linked articles in our index yet.