CVE-2022-49184

Summary

In the Linux kernel, the following vulnerability has been resolved:

net: sparx5: switchdev: fix possible NULL pointer dereference

As the possible failure of the allocation, devm_kzalloc() may return NULL pointer. Therefore, it should be better to check the 'db' in order to prevent the dereference of NULL pointer.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux10615907e9b51c9ae92f3a6ecabd01c482f20f32 < b375ea083fa649092cd016ac1f89a2d1fd8f8e8baffected
LinuxLinux10615907e9b51c9ae92f3a6ecabd01c482f20f32 < c346791877e6ce923bb21e34b30c6f99326aa5a8affected
LinuxLinux10615907e9b51c9ae92f3a6ecabd01c482f20f32 < e7e1fff76c4c57688dc7d53a3b6212182d5628d0affected
LinuxLinux10615907e9b51c9ae92f3a6ecabd01c482f20f32 < 0906f3a3df07835e37077d8971aac65347f2ed57affected
LinuxLinux5.15affected
LinuxLinux0 < 5.15unaffected
LinuxLinux5.15.33 <= 5.15.*unaffected
LinuxLinux5.16.19 <= 5.16.*unaffected
LinuxLinux5.17.2 <= 5.17.*unaffected
LinuxLinux5.18 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References