CVE-2022-49664

EPSS 0.03%
Veröffentlicht 26.02.2025 07:01:41
Zuletzt bearbeitet 01.10.2025 20:17:02
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Unerledigt
Login

In the Linux kernel, the following vulnerability has been resolved:

tipc: move bc link creation back to tipc_node_create

Shuang Li reported a NULL pointer dereference crash:

  [] BUG: kernel NULL pointer dereference, address: 0000000000000068
  [] RIP: 0010:tipc_link_is_up+0x5/0x10 [tipc]
  [] Call Trace:
  []  <IRQ>
  []  tipc_bcast_rcv+0xa2/0x190 [tipc]
  []  tipc_node_bc_rcv+0x8b/0x200 [tipc]
  []  tipc_rcv+0x3af/0x5b0 [tipc]
  []  tipc_udp_recv+0xc7/0x1e0 [tipc]

It was caused by the 'l' passed into tipc_bcast_rcv() is NULL. When it
creates a node in tipc_node_check_dest(), after inserting the new node
into hashtable in tipc_node_create(), it creates the bc link. However,
there is a gap between this insert and bc link creation, a bc packet
may come in and get the node from the hashtable then try to dereference
its bc link, which is NULL.

This patch is to fix it by moving the bc link creation before inserting
into the hashtable.

Note that for a preliminary node becoming "real", the bc link creation
should also be called before it's rehashed, as we don't create it for
preliminary nodes.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 7

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Linux ≫ Linux Kernel Version >= 5.4.287 < 5.10.129

Linux ≫ Linux Kernel Version >= 5.11 < 5.15.53

Linux ≫ Linux Kernel Version >= 5.16 < 5.18.10

Linux ≫ Linux Kernel Version5.19 Updaterc1

Linux ≫ Linux Kernel Version5.19 Updaterc2

Linux ≫ Linux Kernel Version5.19 Updaterc3

Linux ≫ Linux Kernel Version5.19 Updaterc4

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.03%	0.094

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	5.5	1.8	3.6	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
134c704f-9b21-4f2e-91b3-4a467353bcc0	5.5	1.8	3.6	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE-476 NULL Pointer Dereference

The product dereferences a pointer that it expects to be valid but is NULL.

https://git.kernel.org/stable/c/35fcb2ba35b4d9b592b558c3bcc6e0d90e213588

Patch

https://git.kernel.org/stable/c/456bc338871c4a52117dd5ef29cce3745456d248

Patch

https://git.kernel.org/stable/c/cb8092d70a6f5f01ec1490fce4d35efed3ed996c

Patch

https://git.kernel.org/stable/c/e52910e671f58c619e33dac476b11b35e2d3ab6f

Patch

https://nvd.nist.gov/vuln/detail/CVE-2022-49664

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2022-49664

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2022-49664

EUVD