CVE-2022-48915

Summary

In the Linux kernel, the following vulnerability has been resolved:

thermal: core: Fix TZ_GET_TRIP NULL pointer dereference

Do not call get_trip_hyst() from thermal_genl_cmd_tz_get_trip() if the thermal zone does not define one.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux1ce50e7d408ef2bdc8ca021363fd46d1b8bfad00 < 1c0b51e62a50e9291764d022ed44549e65d6ab9caffected
LinuxLinux1ce50e7d408ef2bdc8ca021363fd46d1b8bfad00 < 3dafbf915c05f83469e791949b5590da2aca2afbaffected
LinuxLinux1ce50e7d408ef2bdc8ca021363fd46d1b8bfad00 < 4c294285cec3964b3291772ac0642c2bf440bd1baffected
LinuxLinux1ce50e7d408ef2bdc8ca021363fd46d1b8bfad00 < 5838a14832d447990827d85e90afe17e6fb9c175affected
LinuxLinux5.9affected
LinuxLinux0 < 5.9unaffected
LinuxLinux5.10.104 <= 5.10.*unaffected
LinuxLinux5.15.27 <= 5.15.*unaffected
LinuxLinux5.16.13 <= 5.16.*unaffected
LinuxLinux5.17 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References