5.5

CVE-2022-49618

pinctrl: aspeed: Fix potential NULL dereference in aspeed_pinmux_set_mux()

In the Linux kernel, the following vulnerability has been resolved:

pinctrl: aspeed: Fix potential NULL dereference in aspeed_pinmux_set_mux()

pdesc could be null but still dereference pdesc->name and it will lead to
a null pointer access. So we move a null check before dereference.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version < 5.10.132
LinuxLinux Kernel Version >= 5.11 < 5.15.56
LinuxLinux Kernel Version >= 5.16 < 5.18.13
LinuxLinux Kernel Version5.19 Updaterc1
LinuxLinux Kernel Version5.19 Updaterc2
LinuxLinux Kernel Version5.19 Updaterc3
LinuxLinux Kernel Version5.19 Updaterc4
LinuxLinux Kernel Version5.19 Updaterc5
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.24% 0.152
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
134c704f-9b21-4f2e-91b3-4a467353bcc0 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-476 NULL Pointer Dereference

The product dereferences a pointer that it expects to be valid but is NULL.

https://git.kernel.org/stable/c/3cb392b64304a05bf647e2e44efacd9a1f3c3c6a
Patch
https://git.kernel.org/stable/c/84a85d3fef2e75b1fe9fc2af6f5267122555a1ed
Patch
https://git.kernel.org/stable/c/e162a24f1dd06c0dcae71f2565c9f3da2827b98e
Patch
https://git.kernel.org/stable/c/ef1e38532f4b2f0f3b460e938a2e7076c3bed5ee
Patch