CVE-2022-49104

Summary

In the Linux kernel, the following vulnerability has been resolved:

staging: vchiq_core: handle NULL result of find_service_by_handle

In case of an invalid handle the function find_servive_by_handle returns NULL. So take care of this and avoid a NULL pointer dereference.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux71bad7f086419dc674244b91ca35a12bfa4cb597 < aa0b7296785312a4bfa8fac0ba8ad78698fd9fcfaffected
LinuxLinux71bad7f086419dc674244b91ca35a12bfa4cb597 < 42f2142a337ee372455574809fc924580a7e51b2affected
LinuxLinux71bad7f086419dc674244b91ca35a12bfa4cb597 < 04202f54dd8899e10f56a89c4c1ede0043fa22afaffected
LinuxLinux71bad7f086419dc674244b91ca35a12bfa4cb597 < 3b424f6586a870b8d657c5e5419465bbe0e7b61faffected
LinuxLinux71bad7f086419dc674244b91ca35a12bfa4cb597 < ca225857faf237234d2fffe5d1919467dfadd822affected
LinuxLinux4.9affected
LinuxLinux0 < 4.9unaffected
LinuxLinux5.10.111 <= 5.10.*unaffected
LinuxLinux5.15.34 <= 5.15.*unaffected
LinuxLinux5.16.20 <= 5.16.*unaffected
LinuxLinux5.17.3 <= 5.17.*unaffected
LinuxLinux5.18 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References