5.5

CVE-2022-50244

cxl: fix possible null-ptr-deref in cxl_pci_init_afu|adapter()

In the Linux kernel, the following vulnerability has been resolved:

cxl: fix possible null-ptr-deref in cxl_pci_init_afu|adapter()

If device_register() fails in cxl_pci_afu|adapter(), the device
is not added, device_unregister() can not be called in the error
path, otherwise it will cause a null-ptr-deref because of removing
not added device.

As comment of device_register() says, it should use put_device() to give
up the reference in the error path. So split device_unregister() into
device_del() and put_device(), then goes to put dev when register fails.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 3.18 < 4.9.337
LinuxLinux Kernel Version >= 4.10 < 4.14.303
LinuxLinux Kernel Version >= 4.15 < 4.19.270
LinuxLinux Kernel Version >= 4.20 < 5.4.229
LinuxLinux Kernel Version >= 5.5 < 5.10.163
LinuxLinux Kernel Version >= 5.11 < 5.15.86
LinuxLinux Kernel Version >= 5.16 < 6.0.16
LinuxLinux Kernel Version >= 6.1 < 6.1.2
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.15% 0.044
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-476 NULL Pointer Dereference

The product dereferences a pointer that it expects to be valid but is NULL.

https://git.kernel.org/stable/c/82e68432668ae75b4c814d160f6987ecb0681273
Patch
https://git.kernel.org/stable/c/82e5481428faf11c79b9c094dd24a1849bbf64ac
Patch
https://git.kernel.org/stable/c/c4b2e35df919d99bbbed033c2fa0b607f9f463b5
Patch
https://git.kernel.org/stable/c/361412dae1690d4b5df6f92fc943cdc773c95cbc
Patch
https://git.kernel.org/stable/c/0f63c0ddc2ea20d783d29243f4dbe0f9e95dfdec
Patch
https://git.kernel.org/stable/c/22511eefa61db26e12c97dd7ada3071dbdfcb004
Patch
https://git.kernel.org/stable/c/139abd4c626a6f7ce02789ed5f73aa2256e0542b
Patch
https://git.kernel.org/stable/c/2f5fd31b2f24b9b8a80ab566fd8c4e1e94cb4339
Patch
https://git.kernel.org/stable/c/02cd3032b154fa02fdf90e7467abaeed889330b2
Patch