CVE-2022-49376
Severity CVSS v4.0:
Pending analysis
Type:
CWE-476
NULL Pointer Dereference
Publication date:
26/02/2025
Last modified:
01/10/2025
Description
In the Linux kernel, the following vulnerability has been resolved:<br />
<br />
scsi: sd: Fix potential NULL pointer dereference<br />
<br />
If sd_probe() sees an early error before sdkp->device is initialized,<br />
sd_zbc_release_disk() is called. This causes a NULL pointer dereference<br />
when sd_is_zoned() is called inside that function. Avoid this by removing<br />
the call to sd_zbc_release_disk() in sd_probe() error path.<br />
<br />
This change is safe and does not result in zone information memory leakage<br />
because the zone information for a zoned disk is allocated only when<br />
sd_revalidate_disk() is called, at which point sdkp->disk_dev is fully set,<br />
resulting in sd_disk_release() being called when needed to cleanup a disk<br />
zone information using sd_zbc_release_disk().
Impact
Base Score 3.x
5.50
Severity 3.x
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 4.10 (including) | 5.10.122 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.11 (including) | 5.15.47 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.16 (including) | 5.17.15 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.18 (including) | 5.18.4 (excluding) |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- https://git.kernel.org/stable/c/05fbde3a77a4f1d62e4c4428f384288c1f1a0be5
- https://git.kernel.org/stable/c/0fcb0b131cc90c8f523a293d84c58d0c7273c96f
- https://git.kernel.org/stable/c/3733439593ad12f7b54ae35c273ea6f15d692de3
- https://git.kernel.org/stable/c/78f8e96df06e2d04d82d4071c299b59d28744f47
- https://git.kernel.org/stable/c/c1f0187025905e9981000d44a92e159468b561a8