CVE-2022-49202

Summary

In the Linux kernel, the following vulnerability has been resolved:

Bluetooth: hci_uart: add missing NULL check in h5_enqueue

Syzbot hit general protection fault in __pm_runtime_resume(). The problem was in missing NULL check.

hu->serdev can be NULL and we should not blindly pass &serdev->dev somewhere, since it will cause GPF.

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxd9dd833cf6d29695682ec7e7924c0d0992b906bc < 7235485433d290367d60ae22fcdfc565e61d42abaffected
LinuxLinuxd9dd833cf6d29695682ec7e7924c0d0992b906bc < e6b6c904c0f88588b6a3ace20e4c0d61eab124f8affected
LinuxLinuxd9dd833cf6d29695682ec7e7924c0d0992b906bc < 8a3896c30f542439d36303183dc96f65df8cc528affected
LinuxLinuxd9dd833cf6d29695682ec7e7924c0d0992b906bc < 32cb08e958696908a9aad5e49a78d74f7e32fffbaffected
LinuxLinux5.15affected
LinuxLinux0 < 5.15unaffected
LinuxLinux5.15.33 <= 5.15.*unaffected
LinuxLinux5.16.19 <= 5.16.*unaffected
LinuxLinux5.17.2 <= 5.17.*unaffected
LinuxLinux5.18 <= *unaffected

Weaknesses

References