CVE-2022-49805

MEDIUM

Linux Kernel 5.17-6.0.9 - Null Pointer Dereference in lan966x_stats_init()

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: net: lan966x: Fix potential null-ptr-deref in lan966x_stats_init() lan966x_stats_init() calls create_singlethread_workqueue() and not checked the ret value, which may return NULL. And a null-ptr-deref may happen: lan966x_stats_init() create_singlethread_workqueue() # failed, lan966x->stats_queue is NULL queue_delayed_work() queue_delayed_work_on() __queue_delayed_work() # warning here, but continue __queue_work() # access wq->flags, null-ptr-deref Check the ret value and return -ENOMEM if it is NULL.

References (2)

Core 2

Core References

Patch

https://git.kernel.org/stable/c/4a43c1c6040e848e1344c7b16ac696b68fbc439c

Patch

https://git.kernel.org/stable/c/ba86af3733aece88dbcee0dfebf7e2dcfefb2be4

Scores

CVSS v3 5.5

EPSS 0.0014

EPSS Percentile 3.7%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Details

CWE

CWE-476

Status published

Products (9)

linux/Kernel 5.17.0 - 6.0.10linux

Linux/Linux < 5.17

Linux/Linux 12c2d0a5b8e2a1afc8c7738e19a0d1dd7f3d4007 - 4a43c1c6040e848e1344c7b16ac696b68fbc439c

Linux/Linux 12c2d0a5b8e2a1afc8c7738e19a0d1dd7f3d4007 - ba86af3733aece88dbcee0dfebf7e2dcfefb2be4

Linux/Linux 5.17

Linux/Linux 6.0.10 - 6.0.*

Linux/Linux 6.1

linux/linux_kernel 6.1 rc1 (5 CPE variants)

linux/linux_kernel 5.17 - 6.0.10

Published May 01, 2025

Tracked Since Feb 18, 2026