CVE-2022-49083

MEDIUM EPSS 13.1%
Published Feb 26, 20251y ago · Modified Jun 17, 20261w ago
5.5 CVSS 3.1
Medium
Find Similar
Published Feb 26, 2025 1y ago
Last Modified Jun 17, 2026 1w ago

Description

In the Linux kernel, the following vulnerability has been resolved: iommu/omap: Fix regression in probe for NULL pointer dereference Commit 3f6634d997db ("iommu: Use right way to retrieve iommu_ops") started triggering a NULL pointer dereference for some omap variants: __iommu_probe_device from probe_iommu_group+0x2c/0x38 probe_iommu_group from bus_for_each_dev+0x74/0xbc bus_for_each_dev from bus_iommu_probe+0x34/0x2e8 bus_iommu_probe from bus_set_iommu+0x80/0xc8 bus_set_iommu from omap_iommu_init+0x88/0xcc omap_iommu_init from do_one_initcall+0x44/0x24 This is caused by omap iommu probe returning 0 instead of ERR_PTR(-ENODEV) as noted by Jason Gunthorpe <jgg@ziepe.ca>. Looks like the regression already happened with an earlier commit 6785eb9105e3 ("iommu/omap: Convert to probe/release_device() call-backs") that changed the function return type and missed converting one place.

CVSS Details

Base Score
5.5
Exploitability
1.8
Impact
3.6
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
13.1% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-476 NULL Pointer Dereference Memory Safety

Affected Products 5

VendorProductVersionRange
linuxlinux_kernel*≥5.8  –  <5.10.111
linuxlinux_kernel*≥5.11  –  <5.15.34
linuxlinux_kernel*≥5.16  –  <5.16.20
linuxlinux_kernel*≥5.17  –  <5.17.3
linuxlinux_kernel5.18any

References 5

  • git.kernel.org https://git.kernel.org/stable/c/1d89f2b9eadbcf3ce93c6d7238f68299a1f84968
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/47e239117bd97c8556f9187af7a9a7938db4e021
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/71ff461c3f41f6465434b9e980c01782763e7ad8
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/bd905fed87ce01ac010011bb8f44ed0140116ceb
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/ea518578aa8a9a0280605b53cc33f707e10c8178
    Patch

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/1d89f2b9eadbcf3ce93c6d7238f68299a1f84968
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/47e239117bd97c8556f9187af7a9a7938db4e021
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/71ff461c3f41f6465434b9e980c01782763e7ad8
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/bd905fed87ce01ac010011bb8f44ed0140116ceb
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/ea518578aa8a9a0280605b53cc33f707e10c8178
    Patch