-
CVE-2022-50452
- EPSS 0.03%
- Veröffentlicht 01.10.2025 12:15:38
- Zuletzt bearbeitet 02.10.2025 19:12:17
- Quelle 416baaa9-dc9f-4396-8d5f-8c081f
- Teams Watchlist Login
- Unerledigt Login
In the Linux kernel, the following vulnerability has been resolved: net: sched: cake: fix null pointer access issue when cake_init() fails When the default qdisc is cake, if the qdisc of dev_queue fails to be inited during mqprio_init(), cake_reset() is invoked to clear resources. In this case, the tins is NULL, and it will cause gpf issue. The process is as follows: qdisc_create_dflt() cake_init() q->tins = kvcalloc(...) --->failed, q->tins is NULL ... qdisc_put() ... cake_reset() ... cake_dequeue_one() b = &q->tins[...] --->q->tins is NULL The following is the Call Trace information: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] PREEMPT SMP KASAN KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007] RIP: 0010:cake_dequeue_one+0xc9/0x3c0 Call Trace: <TASK> cake_reset+0xb1/0x140 qdisc_reset+0xed/0x6f0 qdisc_destroy+0x82/0x4c0 qdisc_put+0x9e/0xb0 qdisc_create_dflt+0x2c3/0x4a0 mqprio_init+0xa71/0x1760 qdisc_create+0x3eb/0x1000 tc_modify_qdisc+0x408/0x1720 rtnetlink_rcv_msg+0x38e/0xac0 netlink_rcv_skb+0x12d/0x3a0 netlink_unicast+0x4a2/0x740 netlink_sendmsg+0x826/0xcc0 sock_sendmsg+0xc5/0x100 ____sys_sendmsg+0x583/0x690 ___sys_sendmsg+0xe8/0x160 __sys_sendmsg+0xbf/0x160 do_syscall_64+0x35/0x80 entry_SYSCALL_64_after_hwframe+0x46/0xb0 RIP: 0033:0x7f89e5122d04 </TASK>
Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD
Diese Information steht angemeldeten Benutzern zur Verfügung. Login
Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).
HerstellerLinux
≫
Produkt
Linux
Default Statusunaffected
Version <
86aa1390898146f1de277bb6d2a8ed7fc7a43f12
Version
046f6fd5daefac7f5abdafb436b30f63bc7c602b
Status
affected
Version <
bc8301ea7e7f1bb9d2ba2fcdf7b5ec2f0792b47e
Version
046f6fd5daefac7f5abdafb436b30f63bc7c602b
Status
affected
Version <
ae48bee2830bf216800e1447baca39541e27a12e
Version
046f6fd5daefac7f5abdafb436b30f63bc7c602b
Status
affected
Version <
154f4c06d9dbec1a14e91286c70b6305810302e0
Version
046f6fd5daefac7f5abdafb436b30f63bc7c602b
Status
affected
Version <
1dc0a019550fd38ec6cab2d73c90df2bd659c96b
Version
046f6fd5daefac7f5abdafb436b30f63bc7c602b
Status
affected
Version <
51f9a8921ceacd7bf0d3f47fa867a64988ba1dcb
Version
046f6fd5daefac7f5abdafb436b30f63bc7c602b
Status
affected
HerstellerLinux
≫
Produkt
Linux
Default Statusaffected
Version
4.19
Status
affected
Version <
4.19
Version
0
Status
unaffected
Version <=
4.19.*
Version
4.19.264
Status
unaffected
Version <=
5.4.*
Version
5.4.221
Status
unaffected
Version <=
5.10.*
Version
5.10.152
Status
unaffected
Version <=
5.15.*
Version
5.15.76
Status
unaffected
Version <=
6.0.*
Version
6.0.6
Status
unaffected
Version <=
*
Version
6.1
Status
unaffected
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.03% | 0.081 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|