CVE-2022-49582

Severity CVSS v4.0: Pending analysis
Type: CWE-476 NULL Pointer Dereference
Publication date: 26/02/2025
Last modified: 01/10/2025

Description

In the Linux kernel, the following vulnerability has been resolved:

net: dsa: fix NULL pointer dereference in dsa_port_reset_vlan_filtering

The "ds" iterator variable used in dsa_port_reset_vlan_filtering() -> dsa_switch_for_each_port() overwrites the "dp" received as argument, which is later used to call dsa_port_vlan_filtering() proper.

As a result, switches which do enter that code path (the ones with vlan_filtering_is_global=true) will dereference an invalid dp in dsa_port_reset_vlan_filtering() after leaving a VLAN-aware bridge.

Use a dedicated "other_dp" iterator variable to avoid this from happening.
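Added example, not the kernel's code: a simplified C model of the pattern described above, in which the loop macro writes into whatever cursor variable it is handed. The struct layout, `for_each_port`, `target_before`/`target_after` and the three-port sample are assumptions made for illustration; the model's list is NULL-terminated, so the overwritten pointer ends up NULL here.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

/* Simplified model, not kernel code: ports sit on a NULL-terminated list. */
struct port { int index; bool bridge_vlan_aware; struct port *next; };
struct sw   { bool vlan_filtering_is_global; struct port *ports; };

/* Stand-in for dsa_switch_for_each_port(): the caller supplies the cursor. */
#define for_each_port(_p, _sw) \
    for ((_p) = (_sw)->ports; (_p) != NULL; (_p) = (_p)->next)

/* Before: the argument dp doubles as the loop cursor. Returns the pointer
 * that the later per-port filtering call would receive. */
static struct port *target_before(struct sw *sw, struct port *dp, bool *change)
{
    *change = true;
    if (sw->vlan_filtering_is_global) {
        for_each_port(dp, sw) {            /* overwrites the argument */
            if (dp->bridge_vlan_aware) { *change = false; break; }
        }
    }
    return dp;  /* after a full pass: the list terminator, not the caller's port */
}

/* After: a dedicated cursor leaves the argument untouched. */
static struct port *target_after(struct sw *sw, struct port *dp, bool *change)
{
    struct port *other_dp;

    *change = true;
    if (sw->vlan_filtering_is_global) {
        for_each_port(other_dp, sw) {
            if (other_dp->bridge_vlan_aware) { *change = false; break; }
        }
    }
    return dp;
}

/* Constructed sample: 3 ports, none in a VLAN-aware bridge, global filtering;
 * the caller's port is index 1. Returns the target's index, or -1 if invalid. */
static int demo_target_index(bool fixed)
{
    struct port p[3] = { {0, false, &p[1]}, {1, false, &p[2]}, {2, false, NULL} };
    struct sw sw = { true, &p[0] };
    bool change;
    struct port *t = fixed ? target_after(&sw, &p[1], &change)
                           : target_before(&sw, &p[1], &change);
    return t ? t->index : -1;
}
int main(void) { printf("before=%d after=%d\n", demo_target_index(false), demo_target_index(true)); return 0; }
```

A compiler cannot flag the "before" form because assigning to a parameter is legal C; reviewing iterator macros for reuse of a variable that is read again after the loop is the practical check.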

Vulnerable products and versions

CPE | From | Up to
--- | --- | ---
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.16 (including) | 5.18.15 (excluding)
cpe:2.3:o:linux:linux_kernel:5.19:rc1:*:*:*:*:*:* | |
cpe:2.3:o:linux:linux_kernel:5.19:rc2:*:*:*:*:*:* | |
cpe:2.3:o:linux:linux_kernel:5.19:rc3:*:*:*:*:*:* | |
cpe:2.3:o:linux:linux_kernel:5.19:rc4:*:*:*:*:*:* | |
cpe:2.3:o:linux:linux_kernel:5.19:rc5:*:*:*:*:*:* | |
cpe:2.3:o:linux:linux_kernel:5.19:rc6:*:*:*:*:*:* | |
cpe:2.3:o:linux:linux_kernel:5.19:rc7:*:*:*:*:*:* | |