CVE-2022-49268

MEDIUM EPSS 15.1%
Published Feb 26, 20251y ago · Modified Jun 17, 20261w ago
5.5 CVSS 3.1
Medium
Find Similar
Published Feb 26, 2025 1y ago
Last Modified Jun 17, 2026 1w ago

Description

In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: Intel: Fix NULL ptr dereference when ENOMEM Do not call snd_dma_free_pages() when snd_dma_alloc_pages() returns -ENOMEM because it leads to a NULL pointer dereference bug. The dmesg says: [ T1387] sof-audio-pci-intel-tgl 0000:00:1f.3: error: memory alloc failed: -12 [ T1387] BUG: kernel NULL pointer dereference, address: 0000000000000000 [ T1387] #PF: supervisor read access in kernel mode [ T1387] #PF: error_code(0x0000) - not-present page [ T1387] PGD 0 P4D 0 [ T1387] Oops: 0000 [#1] PREEMPT SMP NOPTI [ T1387] CPU: 6 PID: 1387 Comm: alsa-sink-HDA A Tainted: G W 5.17.0-rc4-superb-owl-00055-g80d47f5de5e3 [ T1387] Hardware name: HP HP Laptop 14s-dq2xxx/87FD, BIOS F.15 09/15/2021 [ T1387] RIP: 0010:dma_free_noncontiguous+0x37/0x80 [ T1387] Code: [... snip ...] [ T1387] RSP: 0000:ffffc90002b87770 EFLAGS: 00010246 [ T1387] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ T1387] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffff888101db30d0 [ T1387] RBP: 00000000fffffff4 R08: 0000000000000000 R09: 0000000000000000 [ T1387] R10: 0000000000000000 R11: ffffc90002b874d0 R12: 0000000000000001 [ T1387] R13: 0000000000058000 R14: ffff888105260c68 R15: ffff888105260828 [ T1387] FS: 00007f42e2ffd640(0000) GS:ffff888466b80000(0000) knlGS:0000000000000000 [ T1387] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ T1387] CR2: 0000000000000000 CR3: 000000014acf0003 CR4: 0000000000770ee0 [ T1387] PKRU: 55555554 [ T1387] Call Trace: [ T1387] <TASK> [ T1387] cl_stream_prepare+0x10a/0x120 [snd_sof_intel_hda_common 146addf995b9279ae7f509621078cccbe4f875e1] [... snip ...] [ T1387] </TASK>

CVSS Details

Base Score
5.5
Exploitability
1.8
Impact
3.6
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
15.1% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-476 NULL Pointer Dereference Memory Safety

Affected Products 5

VendorProductVersionRange
linuxlinux_kernel*≥5.2  –  <5.4.189
linuxlinux_kernel*≥5.5  –  <5.10.110
linuxlinux_kernel*≥5.11  –  <5.15.33
linuxlinux_kernel*≥5.16  –  <5.16.19
linuxlinux_kernel*≥5.17  –  <5.17.2

References 6

  • git.kernel.org https://git.kernel.org/stable/c/01df5f7627f1624d6bb0b8c0870a569b32adfbf8
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/09eca322d4118dc26570ca6100fa34e59e5a5143
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/0c307349fe060971625b856c92f0361b8ea9a120
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/67f7bd9ff9079c1ee2de58e024fb582905c74c16
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/b6094744e261083d3790c3def770ebf5060d383b
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/b7fb0ae09009d076964afe4c1a2bde1ee2bd88a9
    Patch

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/01df5f7627f1624d6bb0b8c0870a569b32adfbf8
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/09eca322d4118dc26570ca6100fa34e59e5a5143
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/0c307349fe060971625b856c92f0361b8ea9a120
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/67f7bd9ff9079c1ee2de58e024fb582905c74c16
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/b6094744e261083d3790c3def770ebf5060d383b
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/b7fb0ae09009d076964afe4c1a2bde1ee2bd88a9
    Patch