CVE-2022-49106

Summary

In the Linux kernel, the following vulnerability has been resolved:

staging: vchiq_arm: Avoid NULL ptr deref in vchiq_dump_platform_instances

vchiq_get_state() can return a NULL pointer. So handle this cases and avoid a NULL pointer derefence in vchiq_dump_platform_instances.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux71bad7f086419dc674244b91ca35a12bfa4cb597 < 176df12b38c70b0a45e6392a0ee5bc83489dfc29affected
LinuxLinux71bad7f086419dc674244b91ca35a12bfa4cb597 < 4627250cabaa80278d3ab01ad107893cea83799faffected
LinuxLinux71bad7f086419dc674244b91ca35a12bfa4cb597 < 51e5e5c34c22c0bfec0808d8c33e0b2fcf4c7c89affected
LinuxLinux71bad7f086419dc674244b91ca35a12bfa4cb597 < aa899e686d442c63d50f4d369cc02dbbf0941cb0affected
LinuxLinux4.9affected
LinuxLinux0 < 4.9unaffected
LinuxLinux5.15.34 <= 5.15.*unaffected
LinuxLinux5.16.20 <= 5.16.*unaffected
LinuxLinux5.17.3 <= 5.17.*unaffected
LinuxLinux5.18 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References