CVE-2022-49895

Severity CVSS v4.0: Pending analysis
Type: CWE-476 NULL Pointer Dereference
Publication date: 01/05/2025
Last modified: 07/05/2025

Description

In the Linux kernel, the following vulnerability has been resolved:

cxl/region: Fix decoder allocation crash

When an intermediate port's decoders have been exhausted by existing regions, and creating a new region with the port in question in its hierarchical path is attempted, cxl_port_attach_region() fails to find a port decoder (as would be expected), and drops into the failure / cleanup path.

However, during cleanup of the region reference, a sanity check attempts to dereference the decoder, which in the above case didn't exist. This causes a NULL pointer dereference BUG.

To fix this, refactor the decoder allocation and de-allocation into helper routines, and in this 'free' routine, check that the decoder, @cxld, is valid before attempting any operations on it.
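The pattern described above, as an added userspace sketch that is not the kernel's code: allocation and de-allocation are split into helpers, and the free helper checks the decoder pointer before the sanity check touches it. All struct and function names here are hypothetical, and the two-decoder port is a constructed sample.

```c
#include <stdio.h>
/* Userspace model only; every name below is hypothetical, not the kernel's. */
#define NR_DECODERS 2
struct decoder { int in_use; int region_id; };
struct port { struct decoder dec[NR_DECODERS]; };
struct region_ref { struct decoder *cxld; int region_id; };

/* Allocation helper: claim a free decoder, or report exhaustion. */
static int ref_alloc_decoder(struct port *p, struct region_ref *ref)
{
    for (int i = 0; i < NR_DECODERS; i++) {
        if (!p->dec[i].in_use) {
            p->dec[i].in_use = 1;
            p->dec[i].region_id = ref->region_id;
            ref->cxld = &p->dec[i];
            return 0;
        }
    }
    return -1; /* exhausted: ref->cxld is still NULL */
}

/* 'Free' helper: must tolerate a reference that never got a decoder. */
static void ref_free_decoder(struct region_ref *ref)
{
    struct decoder *cxld = ref->cxld;
    if (!cxld) /* without this guard the check below dereferences NULL */
        return;
    if (cxld->region_id == ref->region_id) /* sanity check on ownership */
        cxld->in_use = 0;
    ref->cxld = NULL;
}

/* Attach a region; on allocation failure, fall into the cleanup path. */
static int port_attach_region(struct port *p, struct region_ref *ref, int id)
{
    *ref = (struct region_ref){ .cxld = NULL, .region_id = id };
    int rc = ref_alloc_decoder(p, ref);
    if (rc)
        ref_free_decoder(ref); /* failure / cleanup path */
    return rc;
}

int main(void)
{
    struct port p = { 0 };
    struct region_ref r[3]; /* third attach exhausts the port's decoders */
    for (int i = 0; i < 3; i++)
        printf("region %d -> %d\n", i, port_attach_region(&p, &r[i], i));
    return 0;
}
```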

Vulnerable products and versions

CPE                                              From              Up to
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*     6.0 (including)   6.0.8 (excluding)
cpe:2.3:o:linux:linux_kernel:6.1:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.1:rc2:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.1:rc3:*:*:*:*:*:*