CVE-2022-48798

Summary

In the Linux kernel, the following vulnerability has been resolved:

s390/cio: verify the driver availability for path_event call

If no driver is attached to a device or the driver does not provide the path_event function, an FCES path-event on this device could end up in a kernel-panic. Verify the driver availability before the path_event function call.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux32ef938815c1fb42d65212aac860ab153a64de1a < fe990b7bf6ac93f1d850d076b8f0e758268aa4abaffected
LinuxLinux32ef938815c1fb42d65212aac860ab153a64de1a < a0619027f11590b2070624297530c34dc7f91bcdaffected
LinuxLinux32ef938815c1fb42d65212aac860ab153a64de1a < dd9cb842fa9d90653a9b48aba52f89c069f3bc50affected
LinuxLinux5.11affected
LinuxLinux0 < 5.11unaffected
LinuxLinux5.15.24 <= 5.15.*unaffected
LinuxLinux5.16.10 <= 5.16.*unaffected
LinuxLinux5.17 <= *unaffected

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References