CVE-2022-50875

Summary

In the Linux kernel, the following vulnerability has been resolved:

of: overlay: fix null pointer dereferencing in find_dup_cset_node_entry() and find_dup_cset_prop()

When kmalloc() fail to allocate memory in kasprintf(), fn_1 or fn_2 will be NULL, and strcmp() will cause null pointer dereference.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux2fe0e8769df9fed5098daea7db933bc414c329d7 < 9ec5781879b4535ad59b5354b385825378e45618affected
LinuxLinux2fe0e8769df9fed5098daea7db933bc414c329d7 < 2b4af99b44861646013821019dd13a4ac48c0219affected
LinuxLinux2fe0e8769df9fed5098daea7db933bc414c329d7 < ce1b3a41e7964cb8dd56a702a95dd90ad27f51cdaffected
LinuxLinux2fe0e8769df9fed5098daea7db933bc414c329d7 < ab5bb7bbacf531de8e32912cc2e21f906113cee8affected
LinuxLinux2fe0e8769df9fed5098daea7db933bc414c329d7 < 71d88c7453ec3d2ceff98e18ce4d6354abd3b5b6affected
LinuxLinux2fe0e8769df9fed5098daea7db933bc414c329d7 < ee9d7a0e754568180a2f8ebc4aad226278a9116faffected
LinuxLinux5.0affected
LinuxLinux0 < 5.0unaffected
LinuxLinux5.4.229 <= 5.4.*unaffected
LinuxLinux5.10.163 <= 5.10.*unaffected
LinuxLinux5.15.86 <= 5.15.*unaffected
LinuxLinux6.0.16 <= 6.0.*unaffected
LinuxLinux6.1.2 <= 6.1.*unaffected
LinuxLinux6.2 <= *unaffected

Weaknesses

References