LiveActive security incident?Get immediate response
CVE Record

CVE-2022-50558: regmap-irq: Use the new num_config_regs property in regmap_add_irq_chip_fwnode

In the Linux kernel, the following vulnerability has been resolved: regmap-irq: Use the new num_config_regs property in regmap_add_irq_chip_fwnode Commit faa87ce9196d ("regmap-irq: Introduce config registers for irq types") added the num_config_regs, then commit 9edd4f5aee84 ("regmap-irq: Deprecate type registers and virtual registers") suggested to replace num_type_reg with it. However, regmap_add_irq_chip_fwnode wasn't modified to use the new property. Later on, commit 255a03bb1bb3 ("ASoC: wcd9335: Convert irq chip to config regs") removed the old num_type_reg property from the WCD9335 driver's struct regmap_irq_chip, causing a null pointer dereference in regmap_irq_set_type when it tried to index d->type_buf as it was never allocated in regmap_add_irq_chip_fwnode: [ 39.199374] Unable to handle kernel NULL pointer dereference at virtual address 0000000000000000 [ 39.200006] Call trace: [ 39.200014] regmap_irq_set_type+0x84/0x1c0 [ 39.200026] __irq_set_trigger+0x60/0x1c0 [ 39.200040] __setup_irq+0x2f4/0x78c [ 39.200051] request_threaded_irq+0xe8/0x1a0 Use num_config_regs in regmap_add_irq_chip_fwnode instead of num_type_reg, and fall back to it if num_config_regs isn't defined to maintain backward compatibility.

UnknownCVSS not scoredNot KEV-listedUpdated
Glexia's TakeAutomated analysismoderate

Security readout for executives and security teams

Plain-English summary

This Linux kernel issue can crash affected systems when a specific interrupt configuration path is used. It stems from an internal kernel data structure not being allocated after related code changes. The public record does not show active exploitation or a CVSS score.

Executive priority

Treat as a targeted stability risk, not currently an internet-scale emergency. Prioritize patching affected Linux devices where kernel crashes would disrupt operations, especially embedded or hardware-specific deployments using the impacted driver paths.

Technical view

regmap_add_irq_chip_fwnode did not switch from num_type_reg to num_config_regs after regmap IRQ changes. When the WCD9335 driver removed num_type_reg, regmap_irq_set_type could dereference a null type_buf during IRQ trigger setup. The fix uses num_config_regs and falls back to num_type_reg for compatibility.

Likely exposure

Exposure appears limited to Linux kernels in the affected range noted by the CVE record, especially systems using the regmap IRQ fwnode path and affected driver configuration. The source lists Linux 6.0, 6.0.16, 6.1.2, and 6.2, but version range details are incomplete.

Exploitation context

The provided sources describe a kernel null pointer dereference during IRQ setup, not a remote attack path. KEV is false, and no cited source reports active exploitation. Practical impact is most likely denial of service or device instability on affected hardware/software combinations.

Researcher notes

The record lacks CVSS, CWE, and detailed affected range semantics. Analysis should focus on commit lineage and downstream backports. The key fix is allocation logic in regmap_add_irq_chip_fwnode using num_config_regs with backward-compatible fallback.

Mitigation direction

  • Update to a kernel containing the referenced stable fixes.
  • Use distribution or device-vendor kernel advisories for packaged update guidance.
  • Prioritize systems using affected regmap IRQ or WCD9335-related configurations.
  • Test kernel updates on representative hardware before broad deployment.

Validation and detection

  • Inventory Linux kernel versions against the CVE affected-version data.
  • Check vendor changelogs for the referenced stable commit IDs.
  • Confirm whether regmap IRQ fwnode and WCD9335 paths are enabled.
  • Review kernel logs for the documented null dereference call trace.
Prepared
Confidence
medium
Sources
5

Generated from the cited source records. This long-tail analysis has not been individually reviewed by a named human.

Potential ATT&CK relevance

Conservative CVE-to-ATT&CK context

These mappings and lookup hints may be relevant to the vulnerability behavior, CWE, affected product, or exposure path. Glexia-inferred context is not an official MITRE, ATT&CK, CWE, or CVE Program mapping.

ATT&CK lookup starting points

Use these exact CWE pages and searches to review the Glexia ATT&CK library from this CVE's weakness and description context.

cve · low confidence lookup

CVE-2022-50558 mapping review

Open the CVE-to-ATT&CK bridge for reviewed, inferred, or future official mappings tied to this CVE.

Open ATT&CK lookup
Vulnerability profileCVE Program record
Severity
Unknown
CVSS
Not scored
Known Exploited
No
Published
Official CVE source material

CNA and ADP enrichment extracted from CVE v5

These fields come from the CVE record and ADP containers, not from Glexia's Take. They preserve time-varying source decisions such as CISA SSVC, KEV status, CVSS metrics, and provider references.

0CVSS vectors
3Timeline events
0ADP providers
4Source links

Vulnerability timeline

Timeline events are normalized from CVE metadata, CNA source timelines, ADP timelines, and KEV metadata when present.

  1. CVE reservedCVE Program

    The CVE ID was reserved by the assigning CNA.

  2. CVE publishedCVE Program

    The CVE record was published.

  3. CVE updatedCVE Program

    The CVE record metadata indicates this as the latest update time.

Affected products

Products and packages named in the record

VendorProductVersion / packageStatus
LinuxLinuxfaa87ce9196dbb074d75bd4aecb8bacf18f19b4e, faa87ce9196dbb074d75bd4aecb8bacf18f19b4e, faa87ce9196dbb074d75bd4aecb8bacf18f19b4eunaffected
LinuxLinux6.0, 0, 6.0.16, 6.1.2, 6.2affected
Weakness

CWE details

No CWE listed

CWE links open Glexia weakness intelligence pages with official CWE context, developer remediation guidance, and related CVE mappings.