CVE-2022-49974

MEDIUM

Linux Kernel 5.16-5.19.6 - Null Pointer Dereference in Nintendo HID Rumble Worker

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: HID: nintendo: fix rumble worker null pointer deref We can dereference a null pointer trying to queue work to a destroyed workqueue. If the device is disconnected, nintendo_hid_remove is called, in which the rumble_queue is destroyed. Avoid using that queue to defer rumble work once the controller state is set to JOYCON_CTLR_STATE_REMOVED. This eliminates the null pointer dereference.

References (2)

Core 2

Core References

Patch

https://git.kernel.org/stable/c/7c6e6c334154be16740b44dcd7638fb510b9bd91

Patch

https://git.kernel.org/stable/c/1ff89e06c2e5fab30274e4b02360d4241d6e605e

Scores

CVSS v3 5.5

EPSS 0.0018

EPSS Percentile 7.2%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Details

CWE

CWE-476

Status published

Products (9)

linux/Kernel 5.16.0 - 5.19.7linux

Linux/Linux < 5.16

Linux/Linux 2af16c1f846bd60240745bbd3afa13d5f040c61a - 1ff89e06c2e5fab30274e4b02360d4241d6e605e

Linux/Linux 2af16c1f846bd60240745bbd3afa13d5f040c61a - 7c6e6c334154be16740b44dcd7638fb510b9bd91

Linux/Linux 5.16

Linux/Linux 5.19.7 - 5.19.*

Linux/Linux 6.0

linux/linux_kernel 6.0 rc1 (3 CPE variants)

linux/linux_kernel 5.16 - 5.19.7

Published Jun 18, 2025

Tracked Since Feb 18, 2026