Expired Pointer Dereference The advisory has been revoked - it doesn't affect any version of package libperf-devel  (opens in a new tab)


Threat Intelligence

EPSS
0.17% (7th percentile)

Do your applications use this vulnerable package?

In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.

Test your applications
  • Snyk IDSNYK-RHEL9-LIBPERFDEVEL-14296652
  • published10 Dec 2025
  • disclosed9 Dec 2025

Introduced: 9 Dec 2025

CVE-2022-50642  (opens in a new tab)
CWE-825  (opens in a new tab)

Amendment

The Red Hat security team deemed this advisory irrelevant for RHEL:9.

NVD Description

Note: Versions mentioned in the description apply only to the upstream libperf-devel package and not the libperf-devel package as distributed by RHEL.

In the Linux kernel, the following vulnerability has been resolved:

platform/chrome: cros_ec_typec: zero out stale pointers

cros_typec_get_switch_handles allocates four pointers when obtaining type-c switch handles. These pointers are all freed if failing to obtain any of them; therefore, pointers in port become stale. The stale pointers eventually cause use-after-free or double free in later code paths. Zeroing out all pointer fields after freeing to eliminate these stale pointers.