CVE-2022-49055

Summary

In the Linux kernel, the following vulnerability has been resolved:

drm/amdkfd: Check for potential null return of kmalloc_array()

As the kmalloc_array() may return null, the 'event_waiters[i].wait' would lead to null-pointer dereference. Therefore, it is better to check the return value of kmalloc_array() to avoid this confusion.

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxf3a398183f7b9ef78f6b71ee9f7641e046403bcb < 32cf90a521dcc0f136db7ee5ba32bfe5f79e460eaffected
LinuxLinuxf3a398183f7b9ef78f6b71ee9f7641e046403bcb < 40bf32dbfef866c83a3e74800b81d79e52b6d20baffected
LinuxLinuxf3a398183f7b9ef78f6b71ee9f7641e046403bcb < 94869bb0de69a812f70231b0eb480bb2f7ae73a6affected
LinuxLinuxf3a398183f7b9ef78f6b71ee9f7641e046403bcb < c7a268b33882d5feaafd29c1734456f41ba41396affected
LinuxLinuxf3a398183f7b9ef78f6b71ee9f7641e046403bcb < 1d7a5aae884ca727d41c7ed15d4c82fdb67c040caffected
LinuxLinuxf3a398183f7b9ef78f6b71ee9f7641e046403bcb < f2658d5966bcee8c3eb487875f459756d4f7cdfcaffected
LinuxLinuxf3a398183f7b9ef78f6b71ee9f7641e046403bcb < 0a692c625e373fef692ffbc7fc41f8a025f01cb7affected
LinuxLinuxf3a398183f7b9ef78f6b71ee9f7641e046403bcb < ebbb7bb9e80305820dc2328a371c1b35679f2667affected
LinuxLinux4.2affected
LinuxLinux0 < 4.2unaffected
LinuxLinux4.9.311 <= 4.9.*unaffected
LinuxLinux4.14.276 <= 4.14.*unaffected
LinuxLinux4.19.239 <= 4.19.*unaffected
LinuxLinux5.4.190 <= 5.4.*unaffected
LinuxLinux5.10.112 <= 5.10.*unaffected
LinuxLinux5.15.35 <= 5.15.*unaffected
LinuxLinux5.17.4 <= 5.17.*unaffected
LinuxLinux5.18 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References