CVE-2022-49805

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2022-49805

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-49805.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2022-49805

Downstream

DEBIAN-CVE-2022-49805

UBUNTU-CVE-2022-49805

Published

2025-05-01T14:09:32Z

Modified

2025-10-15T00:01:05.018135Z

Summary

net: lan966x: Fix potential null-ptr-deref in lan966x_stats_init()

Details

In the Linux kernel, the following vulnerability has been resolved:

net: lan966x: Fix potential null-ptr-deref in lan966xstatsinit()

lan966xstatsinit() calls createsinglethreadworkqueue() and not checked the ret value, which may return NULL. And a null-ptr-deref may happen:

lan966xstatsinit() createsinglethreadworkqueue() # failed, lan966x->statsqueue is NULL queuedelayedwork() queuedelayedworkon() _queuedelayedwork() # warning here, but continue _queue_work() # access wq->flags, null-ptr-deref

Check the ret value and return -ENOMEM if it is NULL.

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

12c2d0a5b8e2a1afc8c7738e19a0d1dd7f3d4007

Fixed

4a43c1c6040e848e1344c7b16ac696b68fbc439c

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

12c2d0a5b8e2a1afc8c7738e19a0d1dd7f3d4007

Fixed

ba86af3733aece88dbcee0dfebf7e2dcfefb2be4

Affected versions

v5.*

v5.16

v5.16-rc3

v5.16-rc4

v5.16-rc5

v5.16-rc6

v5.16-rc7

v5.16-rc8

v5.17

v5.17-rc1

v5.17-rc2

v5.17-rc3

v5.17-rc4

v5.17-rc5

v5.17-rc6

v5.17-rc7

v5.17-rc8

v5.18

v5.18-rc1

v5.18-rc2

v5.18-rc3

v5.18-rc4

v5.18-rc5

v5.18-rc6

v5.18-rc7

v5.19

v5.19-rc1

v5.19-rc2

v5.19-rc3

v5.19-rc4

v5.19-rc5

v5.19-rc6

v5.19-rc7

v5.19-rc8

v6.*

v6.0

v6.0-rc1

v6.0-rc2

v6.0-rc3

v6.0-rc4

v6.0-rc5

v6.0-rc6

v6.0-rc7

v6.0.1

v6.0.2

v6.0.3

v6.0.4

v6.0.5

v6.0.6

v6.0.7

v6.0.8

v6.0.9

v6.1-rc1

v6.1-rc2

v6.1-rc3

v6.1-rc4

Database specific

{
    "vanir_signatures": [
        {
            "digest": {
                "length": 642.0,
                "function_hash": "53355092333940554467092622200458389667"
            },
            "target": {
                "file": "drivers/net/ethernet/microchip/lan966x/lan966x_ethtool.c",
                "function": "lan966x_stats_init"
            },
            "deprecated": false,
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@ba86af3733aece88dbcee0dfebf7e2dcfefb2be4",
            "signature_version": "v1",
            "id": "CVE-2022-49805-0a61eb44",
            "signature_type": "Function"
        },
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "186348251930749788508193481077585204213",
                    "311560325550135878829324095486591635017",
                    "279363652682126468871652357503909687564",
                    "291408542250250159548854052963313033541"
                ]
            },
            "target": {
                "file": "drivers/net/ethernet/microchip/lan966x/lan966x_ethtool.c"
            },
            "deprecated": false,
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@ba86af3733aece88dbcee0dfebf7e2dcfefb2be4",
            "signature_version": "v1",
            "id": "CVE-2022-49805-4cd0a748",
            "signature_type": "Line"
        },
        {
            "digest": {
                "length": 642.0,
                "function_hash": "53355092333940554467092622200458389667"
            },
            "target": {
                "file": "drivers/net/ethernet/microchip/lan966x/lan966x_ethtool.c",
                "function": "lan966x_stats_init"
            },
            "deprecated": false,
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@4a43c1c6040e848e1344c7b16ac696b68fbc439c",
            "signature_version": "v1",
            "id": "CVE-2022-49805-ee1b1f5b",
            "signature_type": "Function"
        },
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "186348251930749788508193481077585204213",
                    "311560325550135878829324095486591635017",
                    "279363652682126468871652357503909687564",
                    "291408542250250159548854052963313033541"
                ]
            },
            "target": {
                "file": "drivers/net/ethernet/microchip/lan966x/lan966x_ethtool.c"
            },
            "deprecated": false,
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@4a43c1c6040e848e1344c7b16ac696b68fbc439c",
            "signature_version": "v1",
            "id": "CVE-2022-49805-f0af3482",
            "signature_type": "Line"
        }
    ]
}

CVE-2022-49805

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Affected versions

v5.*

v6.*

Database specific

Linux / Kernel

Package

Affected ranges