CVE-2022-50192: spi: tegra20-slink: fix UAF in tegra_slink_remove()
In the Linux kernel, the following vulnerability has been resolved:
spi: tegra20-slink: fix UAF in tegra_slink_remove()
After calling spi_unregister_master(), the refcount of master will
be decrease to 0, and it will be freed in spi_controller_release(),
the device data also will be freed, so it will lead a UAF when using
'tspi'. To fix this, get the master before unregister and put it when
finish using it.
Security readout for executives and security teams
Plain-English summary
CVE-2022-50192 is a Linux kernel use-after-free bug in the Tegra20 SLINK SPI driver removal path. It affects systems using that driver on vulnerable kernel builds. The source bundle provides no CVSS score, CWE, or confirmed exploitation evidence, so urgency depends on whether affected Tegra-based systems are in use.
Executive priority
Treat as a targeted kernel maintenance issue, not a broad enterprise emergency based on current evidence. Prioritize confirmation for embedded or Tegra-based assets and fold remediation into kernel update governance.
Technical view
The bug occurs in tegra_slink_remove(). After spi_unregister_master(), the SPI master reference count can drop to zero and free related device data. Later use of the driver data pointer can trigger a use-after-free. Kernel fixes retain the master before unregistering and release it after final use.
Likely exposure
Most enterprises are likely exposed only if they run Linux on NVIDIA Tegra platforms using the tegra20-slink SPI driver. General Linux servers without this hardware or driver path are unlikely to be affected based on the provided sources.
Exploitation context
The bundle does not show active exploitation, public exploit details, KEV listing, CVSS, or attack prerequisites. The issue appears tied to device or driver removal behavior, which may limit practical exposure but still requires vendor-supported kernel fixes where applicable.
Researcher notes
Evidence is limited to the CVE record and Linux stable commits. Version data in the bundle is incomplete, but fixes reference stable branches around 5.15.61, 5.18.18, 5.19.2, and 6.0. Do not assume remote exploitability from the supplied sources.
Mitigation direction
Identify Tegra-based Linux systems using the tegra20-slink SPI driver.
Update affected kernels to vendor-supported builds containing the referenced stable fixes.
If no vendor package is available, check Linux distribution or device vendor guidance.
Prioritize embedded, appliance, and edge devices where kernel updates may lag.
Validation and detection
Inventory kernel versions and hardware platforms for Tegra20 SLINK SPI usage.
Compare installed kernels against vendor advisories and referenced stable fix commits.
Confirm the running kernel includes the tegra_slink_remove() reference-count fix.
Document systems confirmed not to use the affected driver or hardware.
Generated from the cited source records. This long-tail analysis has not been individually reviewed by a named human.
Potential ATT&CK relevance
Conservative CVE-to-ATT&CK context
These mappings and lookup hints may be relevant to the vulnerability behavior, CWE, affected product, or exposure path. Glexia-inferred context is not an official MITRE, ATT&CK, CWE, or CVE Program mapping.
ATT&CK lookup starting points
Use these exact CWE pages and searches to review the Glexia ATT&CK library from this CVE's weakness and description context.
cve · low confidence lookup
CVE-2022-50192 mapping review
Open the CVE-to-ATT&CK bridge for reviewed, inferred, or future official mappings tied to this CVE.
These fields come from the CVE record and ADP containers, not from Glexia's Take. They preserve time-varying source decisions such as CISA SSVC, KEV status, CVSS metrics, and provider references.
0CVSS vectors
3Timeline events
0ADP providers
5Source links
Vulnerability timeline
Timeline events are normalized from CVE metadata, CNA source timelines, ADP timelines, and KEV metadata when present.
CVE reservedCVE Program
The CVE ID was reserved by the assigning CNA.
CVE publishedCVE Program
The CVE record was published.
Jun 18, 2025, 11:03 UTC (UTC+00:00)
CVE updatedCVE Program
The CVE record metadata indicates this as the latest update time.