CVE-2022-49104
5.5
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Summary
In the Linux kernel, the following vulnerability has been resolved:
staging: vchiq_core: handle NULL result of find_service_by_handle
In case of an invalid handle the function find_servive_by_handle returns NULL. So take care of this and avoid a NULL pointer dereference.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | 71bad7f086419dc674244b91ca35a12bfa4cb597 < aa0b7296785312a4bfa8fac0ba8ad78698fd9fcf | affected |
| Linux | Linux | 71bad7f086419dc674244b91ca35a12bfa4cb597 < 42f2142a337ee372455574809fc924580a7e51b2 | affected |
| Linux | Linux | 71bad7f086419dc674244b91ca35a12bfa4cb597 < 04202f54dd8899e10f56a89c4c1ede0043fa22af | affected |
| Linux | Linux | 71bad7f086419dc674244b91ca35a12bfa4cb597 < 3b424f6586a870b8d657c5e5419465bbe0e7b61f | affected |
| Linux | Linux | 71bad7f086419dc674244b91ca35a12bfa4cb597 < ca225857faf237234d2fffe5d1919467dfadd822 | affected |
| Linux | Linux | 4.9 | affected |
| Linux | Linux | 0 < 4.9 | unaffected |
| Linux | Linux | 5.10.111 <= 5.10.* | unaffected |
| Linux | Linux | 5.15.34 <= 5.15.* | unaffected |
| Linux | Linux | 5.16.20 <= 5.16.* | unaffected |
| Linux | Linux | 5.17.3 <= 5.17.* | unaffected |
| Linux | Linux | 5.18 <= * | unaffected |
Weaknesses
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
References
- https://git.kernel.org/stable/c/aa0b7296785312a4bfa8fac0ba8ad78698fd9fcf
- https://git.kernel.org/stable/c/42f2142a337ee372455574809fc924580a7e51b2
- https://git.kernel.org/stable/c/04202f54dd8899e10f56a89c4c1ede0043fa22af
- https://git.kernel.org/stable/c/3b424f6586a870b8d657c5e5419465bbe0e7b61f
- https://git.kernel.org/stable/c/ca225857faf237234d2fffe5d1919467dfadd822
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.