CVE-2022-50634
N/A
N/A
Summary
In the Linux kernel, the following vulnerability has been resolved:
power: supply: cw2015: Fix potential null-ptr-deref in cw_bat_probe()
cw_bat_probe() calls create_singlethread_workqueue() and not checked the ret value, which may return NULL. And a null-ptr-deref may happen:
cw_bat_probe() create_singlethread_workqueue() # failed, cw_bat->wq is NULL queue_delayed_work() queue_delayed_work_on() __queue_delayed_work() # warning here, but continue __queue_work() # access wq->flags, null-ptr-deref
Check the ret value and return -ENOMEM if it is NULL.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | b4c7715c10c106a041b0b3fabd26151c214ea394 < f7e2ba8ed08138102f21f3fe6414498c93177fd8 | affected |
| Linux | Linux | b4c7715c10c106a041b0b3fabd26151c214ea394 < 5150b76aa2eb8bb8feb7f7a048417f9d39c3dd04 | affected |
| Linux | Linux | b4c7715c10c106a041b0b3fabd26151c214ea394 < 97f2b4ddb0aa700d673691a7d5e44d226d22bab7 | affected |
| Linux | Linux | 5.8 | affected |
| Linux | Linux | 0 < 5.8 | unaffected |
| Linux | Linux | 6.0.16 <= 6.0.* | unaffected |
| Linux | Linux | 6.1.2 <= 6.1.* | unaffected |
| Linux | Linux | 6.2 <= * | unaffected |
Weaknesses
References
- https://git.kernel.org/stable/c/f7e2ba8ed08138102f21f3fe6414498c93177fd8
- https://git.kernel.org/stable/c/5150b76aa2eb8bb8feb7f7a048417f9d39c3dd04
- https://git.kernel.org/stable/c/97f2b4ddb0aa700d673691a7d5e44d226d22bab7
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.