CVE-2022-49618

Summary

In the Linux kernel, the following vulnerability has been resolved:

pinctrl: aspeed: Fix potential NULL dereference in aspeed_pinmux_set_mux()

pdesc could be null but still dereference pdesc->name and it will lead to a null pointer access. So we move a null check before dereference.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux4d3d0e4272d8d660f5f14f5abcf96fb4df1aa94b < ef1e38532f4b2f0f3b460e938a2e7076c3bed5eeaffected
LinuxLinux4d3d0e4272d8d660f5f14f5abcf96fb4df1aa94b < 3cb392b64304a05bf647e2e44efacd9a1f3c3c6aaffected
LinuxLinux4d3d0e4272d8d660f5f14f5abcf96fb4df1aa94b < e162a24f1dd06c0dcae71f2565c9f3da2827b98eaffected
LinuxLinux4d3d0e4272d8d660f5f14f5abcf96fb4df1aa94b < 84a85d3fef2e75b1fe9fc2af6f5267122555a1edaffected
LinuxLinux4.9affected
LinuxLinux0 < 4.9unaffected
LinuxLinux5.10.132 <= 5.10.*unaffected
LinuxLinux5.15.56 <= 5.15.*unaffected
LinuxLinux5.18.13 <= 5.18.*unaffected
LinuxLinux5.19 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References