CVE-2022-49618
5.5
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Summary
In the Linux kernel, the following vulnerability has been resolved:
pinctrl: aspeed: Fix potential NULL dereference in aspeed_pinmux_set_mux()
pdesc could be null but still dereference pdesc->name and it will lead to a null pointer access. So we move a null check before dereference.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | 4d3d0e4272d8d660f5f14f5abcf96fb4df1aa94b < ef1e38532f4b2f0f3b460e938a2e7076c3bed5ee | affected |
| Linux | Linux | 4d3d0e4272d8d660f5f14f5abcf96fb4df1aa94b < 3cb392b64304a05bf647e2e44efacd9a1f3c3c6a | affected |
| Linux | Linux | 4d3d0e4272d8d660f5f14f5abcf96fb4df1aa94b < e162a24f1dd06c0dcae71f2565c9f3da2827b98e | affected |
| Linux | Linux | 4d3d0e4272d8d660f5f14f5abcf96fb4df1aa94b < 84a85d3fef2e75b1fe9fc2af6f5267122555a1ed | affected |
| Linux | Linux | 4.9 | affected |
| Linux | Linux | 0 < 4.9 | unaffected |
| Linux | Linux | 5.10.132 <= 5.10.* | unaffected |
| Linux | Linux | 5.15.56 <= 5.15.* | unaffected |
| Linux | Linux | 5.18.13 <= 5.18.* | unaffected |
| Linux | Linux | 5.19 <= * | unaffected |
Weaknesses
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
References
- https://git.kernel.org/stable/c/ef1e38532f4b2f0f3b460e938a2e7076c3bed5ee
- https://git.kernel.org/stable/c/3cb392b64304a05bf647e2e44efacd9a1f3c3c6a
- https://git.kernel.org/stable/c/e162a24f1dd06c0dcae71f2565c9f3da2827b98e
- https://git.kernel.org/stable/c/84a85d3fef2e75b1fe9fc2af6f5267122555a1ed
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.