CVE-2022-48772

June 25, 2024, 6:50 p.m.

None
No Score

Description

In the Linux kernel, the following vulnerability has been resolved: media: lgdt3306a: Add a check against null-pointer-def The driver should check whether the client provides the platform_data. The following log reveals it: [ 29.610324] BUG: KASAN: null-ptr-deref in kmemdup+0x30/0x40 [ 29.610730] Read of size 40 at addr 0000000000000000 by task bash/414 [ 29.612820] Call Trace: [ 29.613030] <TASK> [ 29.613201] dump_stack_lvl+0x56/0x6f [ 29.613496] ? kmemdup+0x30/0x40 [ 29.613754] print_report.cold+0x494/0x6b7 [ 29.614082] ? kmemdup+0x30/0x40 [ 29.614340] kasan_report+0x8a/0x190 [ 29.614628] ? kmemdup+0x30/0x40 [ 29.614888] kasan_check_range+0x14d/0x1d0 [ 29.615213] memcpy+0x20/0x60 [ 29.615454] kmemdup+0x30/0x40 [ 29.615700] lgdt3306a_probe+0x52/0x310 [ 29.616339] i2c_device_probe+0x951/0xa90

Product(s) Impacted

Product Versions
Linux Kernel
  • []

Weaknesses

Common security weaknesses mapped to this vulnerability.

References

https://git.kernel.org/stable/c/526238d32c3acc3d597fd8c9a34652bfe9086cea
https://git.kernel.org/stable/c/7d12e918f2994c883f41f22552a61b9310fa1e87
https://git.kernel.org/stable/c/8915dcd29a82096acacf54364a8425363782aea0
https://git.kernel.org/stable/c/8e1e00718d0d9dd83337300572561e30b9c0d115
https://git.kernel.org/stable/c/b479fd59a1f4a342b69fce34f222d93bf791dca4
https://git.kernel.org/stable/c/c1115ddbda9c930fba0fdd062e7a8873ebaf898d
https://git.kernel.org/stable/c/d082757b8359201c3864323cea4b91ea30a1e676

Tags

416baaa9-dc9f-4396-8d5f-8c081fb06d67
2024-06-25
CVE-2022-48772

Timeline

Published: June 25, 2024, 3:15 p.m.
Last Modified: June 25, 2024, 6:50 p.m.

Status : Awaiting Analysis

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

416baaa9-dc9f-4396-8d5f-8c081fb06d67

*Disclaimer: Some vulnerabilities do not have an associated CPE. To enhance the data, we use AI to infer CPEs based on CVE details. This is an automated process and might not always be accurate.