CVE-2022-49895
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Summary
In the Linux kernel, the following vulnerability has been resolved:
cxl/region: Fix decoder allocation crash
When an intermediate port's decoders have been exhausted by existing regions, and creating a new region with the port in question in it's hierarchical path is attempted, cxl_port_attach_region() fails to find a port decoder (as would be expected), and drops into the failure / cleanup path.
However, during cleanup of the region reference, a sanity check attempts to dereference the decoder, which in the above case didn't exist. This causes a NULL pointer dereference BUG.
To fix this, refactor the decoder allocation and de-allocation into helper routines, and in this 'free' routine, check that the decoder, @cxld, is valid before attempting any operations on it.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | 384e624bb211b406db40edc900bb51af8bb267d0 < c6813b5610ac53af73edd87a660d23a0511faa47 | affected |
| Linux | Linux | 384e624bb211b406db40edc900bb51af8bb267d0 < 71ee71d7adcba648077997a29a91158d20c40b09 | affected |
| Linux | Linux | 6.0 | affected |
| Linux | Linux | 0 < 6.0 | unaffected |
| Linux | Linux | 6.0.8 <= 6.0.* | unaffected |
| Linux | Linux | 6.1 <= * | unaffected |
Weaknesses
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
References
- https://git.kernel.org/stable/c/c6813b5610ac53af73edd87a660d23a0511faa47
- https://git.kernel.org/stable/c/71ee71d7adcba648077997a29a91158d20c40b09
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.