CVE-2022-48703
N/A
N/A
Summary
In the Linux kernel, the following vulnerability has been resolved:
thermal/int340x_thermal: handle data_vault when the value is ZERO_SIZE_PTR
In some case, the GDDV returns a package with a buffer which has zero length. It causes that kmemdup() returns ZERO_SIZE_PTR (0x10).
Then the data_vault_read() got NULL point dereference problem when accessing the 0x10 value in data_vault.
[ 71.024560] BUG: kernel NULL pointer dereference, address: 0000000000000010
This patch uses ZERO_OR_NULL_PTR() for checking ZERO_SIZE_PTR or NULL value in data_vault.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | 0ba13c763aacb27ab32bde5d559bf40e88465921 < 722588f17fd3d3a127e50718ec2caf22bd7e9daa | affected |
| Linux | Linux | 0ba13c763aacb27ab32bde5d559bf40e88465921 < 39d5137085a6c37ace4680ee4d24020a4a03e7dc | affected |
| Linux | Linux | 0ba13c763aacb27ab32bde5d559bf40e88465921 < dae42083b045a4ddf71c57cf350cb2412b5915c2 | affected |
| Linux | Linux | 0ba13c763aacb27ab32bde5d559bf40e88465921 < 7931e28098a4c1a2a6802510b0cbe57546d2049d | affected |
| Linux | Linux | 5.8 | affected |
| Linux | Linux | 0 < 5.8 | unaffected |
| Linux | Linux | 5.10.258 <= 5.10.* | unaffected |
| Linux | Linux | 5.15.189 <= 5.15.* | unaffected |
| Linux | Linux | 5.19.9 <= 5.19.* | unaffected |
| Linux | Linux | 6.0 <= * | unaffected |
Weaknesses
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
CVE Program Container
Additional References
- https://git.kernel.org/stable/c/dae42083b045a4ddf71c57cf350cb2412b5915c2
- https://git.kernel.org/stable/c/7931e28098a4c1a2a6802510b0cbe57546d2049d
References
- https://git.kernel.org/stable/c/722588f17fd3d3a127e50718ec2caf22bd7e9daa
- https://git.kernel.org/stable/c/39d5137085a6c37ace4680ee4d24020a4a03e7dc
- https://git.kernel.org/stable/c/dae42083b045a4ddf71c57cf350cb2412b5915c2
- https://git.kernel.org/stable/c/7931e28098a4c1a2a6802510b0cbe57546d2049d
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.