CVE-2022-48942
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2022-48942
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-48942.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2022-48942
- Downstream
- Related
- Published
- 2024-08-22T03:30:12Z
- Modified
- 2025-10-21T08:48:53.857671Z
- Summary
- hwmon: Handle failure to register sensor with thermal zone correctly
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
hwmon: Handle failure to register sensor with thermal zone correctly
If an attempt is made to a sensor with a thermal zone and it fails, the call to devmthermalzoneofsensor_register() may return -ENODEV. This may result in crashes similar to the following.
Unable to handle kernel NULL pointer dereference at virtual address 00000000000003cd ... Internal error: Oops: 96000021 [#1] PREEMPT SMP ... pstate: 60400009 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : mutexlock+0x18/0x60 lr : thermalzonedeviceupdate+0x40/0x2e0 sp : ffff800014c4fc60 x29: ffff800014c4fc60 x28: ffff365ee3f6e000 x27: ffffdde218426790 x26: ffff365ee3f6e000 x25: 0000000000000000 x24: ffff365ee3f6e000 x23: ffffdde218426870 x22: ffff365ee3f6e000 x21: 00000000000003cd x20: ffff365ee8bf3308 x19: ffffffffffffffed x18: 0000000000000000 x17: ffffdde21842689c x16: ffffdde1cb7a0b7c x15: 0000000000000040 x14: ffffdde21a4889a0 x13: 0000000000000228 x12: 0000000000000000 x11: 0000000000000000 x10: 0000000000000000 x9 : 0000000000000000 x8 : 0000000001120000 x7 : 0000000000000001 x6 : 0000000000000000 x5 : 0068000878e20f07 x4 : 0000000000000000 x3 : 00000000000003cd x2 : ffff365ee3f6e000 x1 : 0000000000000000 x0 : 00000000000003cd Call trace: mutexlock+0x18/0x60 hwmonnotifyevent+0xfc/0x110 0xffffdde1cb7a0a90 0xffffdde1cb7a0b7c irqthreadfn+0x2c/0xa0 irqthread+0x134/0x240 kthread+0x178/0x190 retfromfork+0x10/0x20 Code: d503201f d503201f d2800001 aa0103e4 (c8e47c02)
Jon Hunter reports that the exact call sequence is:
hwmonnotifyevent() --> hwmonthermalnotify() --> thermalzonedeviceupdate() --> updatetemperature() --> mutex_lock()
The hwmon core needs to handle all errors returned from calls to devmthermalzoneofsensor_register(). If the call fails with -ENODEV, report that the sensor was not attached to a thermal zone but continue to register the hwmon device.
- References
-
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- https://git.kernel.org/stable/c/1b5f517cca36292076d9e38fa6e33a257703e62e
- https://git.kernel.org/stable/c/7efe8499cb90651c540753f4269d2d43ede14223
- https://git.kernel.org/stable/c/8a1969e14ad93663f9a3ed02ccc2138da9956a0e
- https://git.kernel.org/stable/c/962b2a3188bfa5388756ffbc47dfa5ff59cb8011
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced1597b374af22266266e1e20612208c4b11359ad4Fixed962b2a3188bfa5388756ffbc47dfa5ff59cb8011
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced1597b374af22266266e1e20612208c4b11359ad4Fixed7efe8499cb90651c540753f4269d2d43ede14223
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced1597b374af22266266e1e20612208c4b11359ad4Fixed8a1969e14ad93663f9a3ed02ccc2138da9956a0e
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced1597b374af22266266e1e20612208c4b11359ad4Fixed1b5f517cca36292076d9e38fa6e33a257703e62e
Affected versions
v5.*
Database specific
vanir_signatures
[
{
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@962b2a3188bfa5388756ffbc47dfa5ff59cb8011",
"target": {
"function": "hwmon_thermal_add_sensor",
"file": "drivers/hwmon/hwmon.c"
},
"deprecated": false,
"signature_version": "v1",
"id": "CVE-2022-48942-1ebf1d79",
"signature_type": "Function",
"digest": {
"length": 591.0,
"function_hash": "258242562964647562615306601714476072347"
}
},
{
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@962b2a3188bfa5388756ffbc47dfa5ff59cb8011",
"target": {
"file": "drivers/hwmon/hwmon.c"
},
"deprecated": false,
"signature_version": "v1",
"id": "CVE-2022-48942-24c57ca5",
"signature_type": "Line",
"digest": {
"threshold": 0.9,
"line_hashes": [
"3260745066303205129786638716871610716",
"281177155376910364774072800011844684927",
"19226484727635543474792528484095990866",
"18691160982716783675598581456477436767",
"34799955841403227832882909221198484005"
]
}
},
{
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@1b5f517cca36292076d9e38fa6e33a257703e62e",
"target": {
"file": "drivers/hwmon/hwmon.c"
},
"deprecated": false,
"signature_version": "v1",
"id": "CVE-2022-48942-66c14f07",
"signature_type": "Line",
"digest": {
"threshold": 0.9,
"line_hashes": [
"3260745066303205129786638716871610716",
"281177155376910364774072800011844684927",
"19226484727635543474792528484095990866",
"18691160982716783675598581456477436767",
"34799955841403227832882909221198484005"
]
}
},
{
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@8a1969e14ad93663f9a3ed02ccc2138da9956a0e",
"target": {
"file": "drivers/hwmon/hwmon.c"
},
"deprecated": false,
"signature_version": "v1",
"id": "CVE-2022-48942-6dce8d33",
"signature_type": "Line",
"digest": {
"threshold": 0.9,
"line_hashes": [
"3260745066303205129786638716871610716",
"281177155376910364774072800011844684927",
"19226484727635543474792528484095990866",
"18691160982716783675598581456477436767",
"34799955841403227832882909221198484005"
]
}
},
{
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@7efe8499cb90651c540753f4269d2d43ede14223",
"target": {
"file": "drivers/hwmon/hwmon.c"
},
"deprecated": false,
"signature_version": "v1",
"id": "CVE-2022-48942-84c981c0",
"signature_type": "Line",
"digest": {
"threshold": 0.9,
"line_hashes": [
"3260745066303205129786638716871610716",
"281177155376910364774072800011844684927",
"19226484727635543474792528484095990866",
"18691160982716783675598581456477436767",
"34799955841403227832882909221198484005"
]
}
},
{
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@8a1969e14ad93663f9a3ed02ccc2138da9956a0e",
"target": {
"function": "hwmon_thermal_add_sensor",
"file": "drivers/hwmon/hwmon.c"
},
"deprecated": false,
"signature_version": "v1",
"id": "CVE-2022-48942-9c88de4a",
"signature_type": "Function",
"digest": {
"length": 591.0,
"function_hash": "258242562964647562615306601714476072347"
}
},
{
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@1b5f517cca36292076d9e38fa6e33a257703e62e",
"target": {
"function": "hwmon_thermal_add_sensor",
"file": "drivers/hwmon/hwmon.c"
},
"deprecated": false,
"signature_version": "v1",
"id": "CVE-2022-48942-a32dd479",
"signature_type": "Function",
"digest": {
"length": 591.0,
"function_hash": "258242562964647562615306601714476072347"
}
},
{
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@7efe8499cb90651c540753f4269d2d43ede14223",
"target": {
"function": "hwmon_thermal_add_sensor",
"file": "drivers/hwmon/hwmon.c"
},
"deprecated": false,
"signature_version": "v1",
"id": "CVE-2022-48942-a8524a2e",
"signature_type": "Function",
"digest": {
"length": 591.0,
"function_hash": "258242562964647562615306601714476072347"
}
}
]