CVE-2022-48648
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2022-48648
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-48648.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2022-48648
- Related
- Published
- 2024-04-28T13:15:07Z
- Modified
- 2024-09-18T03:22:31.397189Z
- Summary
- [none]
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
sfc: fix null pointer dereference in efxhardstart_xmit
Trying to get the channel from the txqueue variable here is wrong because we can only be here if txqueue is NULL, so we shouldn't dereference it. As the above comment in the code says, this is very unlikely to happen, but it's wrong anyway so let's fix it.
I hit this issue because of a different bug that caused txqueue to be NULL. If that happens, this is the error message that we get here: BUG: unable to handle kernel NULL pointer dereference at 0000000000000020 [...] RIP: 0010:efxhardstartxmit+0x153/0x170 [sfc]
- References
-
- https://git.kernel.org/stable/c/0a242eb2913a4aa3d6fbdb86559f27628e9466f3
- https://git.kernel.org/stable/c/8547c7bfc0617e7184e4da65b9b96681fcfe9998
- https://git.kernel.org/stable/c/b3b41d4d95d3822b2e459ecbc80d030ea6aec5e7
- https://git.kernel.org/stable/c/b3b952168ee1f220ba729fa100fd9d5aa752eb03
- https://security-tracker.debian.org/tracker/CVE-2022-48648
Affected packages
Debian:11 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed5.10.148-1
Debian:12 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source
Debian:13 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source