CVE-2022-49019

MEDIUM

Linux Kernel 4.17-5.4.226 5.5-5.10.158 5.11-5.15.82 5.16-6.0.12 - NULL Pointer Dereference in nixge_hw_dma_bd_release

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: net: ethernet: nixge: fix NULL dereference In function nixge_hw_dma_bd_release() dereference of NULL pointer priv->rx_bd_v is possible for the case of its allocation failure in nixge_hw_dma_bd_init(). Move for() loop with priv->rx_bd_v dereference under the check for its validity. Found by Linux Verification Center (linuxtesting.org) with SVACE.

References (5)

Core 5

Core References

Patch

https://git.kernel.org/stable/c/910c0264b64ef2dad8887714a7c56c93e39a0ed3

Patch

https://git.kernel.org/stable/c/45752af0247589e6d3dede577415bfe117b4392c

Patch

https://git.kernel.org/stable/c/9c584d6d9cfb935dce8fc81a4c26debac0a3049b

Patch

https://git.kernel.org/stable/c/80e82f7b440b65cf131dce10f487dc73a7046e6b

Patch

https://git.kernel.org/stable/c/9256db4e45e8b497b0e993cc3ed4ad08eb2389b6

Scores

CVSS v3 5.5

EPSS 0.0023

EPSS Percentile 14.1%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-476

Status published

Products (18)

linux/Kernel 4.17.0 - 5.4.226linux

linux/Kernel 5.11.0 - 5.15.82linux

linux/Kernel 5.16.0 - 6.0.12linux

linux/Kernel 5.5.0 - 5.10.158linux

Linux/Linux < 4.17

Linux/Linux 4.17

Linux/Linux 492caffa8a1a405f661c111acabfe6b8b9645db8 - 45752af0247589e6d3dede577415bfe117b4392c

Linux/Linux 492caffa8a1a405f661c111acabfe6b8b9645db8 - 80e82f7b440b65cf131dce10f487dc73a7046e6b

Linux/Linux 492caffa8a1a405f661c111acabfe6b8b9645db8 - 910c0264b64ef2dad8887714a7c56c93e39a0ed3

Linux/Linux 492caffa8a1a405f661c111acabfe6b8b9645db8 - 9256db4e45e8b497b0e993cc3ed4ad08eb2389b6

... and 8 more

Published Oct 21, 2024

Tracked Since Feb 18, 2026