5.5

CVE-2022-49608

pinctrl: ralink: Check for null return of devm_kcalloc

In the Linux kernel, the following vulnerability has been resolved:

pinctrl: ralink: Check for null return of devm_kcalloc

Because of the possible failure of the allocation, data->domains might
be NULL pointer and will cause the dereference of the NULL pointer
later.
Therefore, it might be better to check it and directly return -ENOMEM
without releasing data manually if fails, because the comment of the
devm_kmalloc() says "Memory allocated with this function is
automatically freed on driver detach.".
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 4.18 < 4.19.254
LinuxLinux Kernel Version >= 4.20 < 5.4.208
LinuxLinux Kernel Version >= 5.5 < 5.10.134
LinuxLinux Kernel Version >= 5.11 < 5.15.58
LinuxLinux Kernel Version >= 5.16 < 5.18.15
LinuxLinux Kernel Version5.19 Updaterc1
LinuxLinux Kernel Version5.19 Updaterc2
LinuxLinux Kernel Version5.19 Updaterc3
LinuxLinux Kernel Version5.19 Updaterc4
LinuxLinux Kernel Version5.19 Updaterc5
LinuxLinux Kernel Version5.19 Updaterc6
LinuxLinux Kernel Version5.19 Updaterc7
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.26% 0.176
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
134c704f-9b21-4f2e-91b3-4a467353bcc0 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-476 NULL Pointer Dereference

The product dereferences a pointer that it expects to be valid but is NULL.

https://git.kernel.org/stable/c/13596e6c9e541e90e5fc2c52b23f08b951370da9
Patch
https://git.kernel.org/stable/c/44016a85419ca0d4f1e4d0127b330f8e4e2a57d0
Patch
https://git.kernel.org/stable/c/5595d30c4dc27d939635c3188c68203b6ece1711
Patch
https://git.kernel.org/stable/c/5694b162f275fb9a9f89422701b2b963be11e496
Patch
https://git.kernel.org/stable/c/6194c021496addc11763d1ffa89ce5751889fe3c
Patch
https://git.kernel.org/stable/c/c3b821e8e406d5650e587b7ac624ac24e9b780a8
Patch