CVE-2022-49323

MEDIUM

Linux Kernel - Null Pointer Dereference in arm_smmu_device_probe

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: iommu/arm-smmu: fix possible null-ptr-deref in arm_smmu_device_probe() It will cause null-ptr-deref when using 'res', if platform_get_resource() returns NULL, so move using 'res' after devm_ioremap_resource() that will check it to avoid null-ptr-deref. And use devm_platform_get_and_ioremap_resource() to simplify code.

References (5)

Core 5

Core References

Patch

https://git.kernel.org/stable/c/3660db29b0305f9a1d95979c7af0f5db6ea99f5d

Patch

https://git.kernel.org/stable/c/98dd53a92825747395649f54d23512a13c3ed471

Patch

https://git.kernel.org/stable/c/80776a71340f57d6a4952635fc89f0342072f3ca

Patch

https://git.kernel.org/stable/c/449fc4561762ad9ad85362d5f01f0d0df397457a

Patch

https://git.kernel.org/stable/c/d9ed8af1dee37f181096631fb03729ece98ba816

Scores

CVSS v3 5.5

EPSS 0.0026

EPSS Percentile 17.6%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-476

Status published

Products (17)

linux/Kernel 4.11.0 - 5.10.122linux

linux/Kernel 5.11.0 - 5.15.47linux

linux/Kernel 5.16.0 - 5.17.15linux

linux/Kernel 5.18.0 - 5.18.4linux

Linux/Linux < 4.11

Linux/Linux 4.11

Linux/Linux 5.10.122 - 5.10.*

Linux/Linux 5.15.47 - 5.15.*

Linux/Linux 5.17.15 - 5.17.*

Linux/Linux 5.18.4 - 5.18.*

... and 7 more

Published Feb 26, 2025

Tracked Since Feb 18, 2026