CVE-2022-49429

MEDIUM EPSS 15.9%
Published Feb 26, 20251y ago · Modified Jun 17, 20262w ago
5.5 CVSS 3.1
Medium
Find Similar
Published Feb 26, 2025 1y ago
Last Modified Jun 17, 2026 2w ago

Description

In the Linux kernel, the following vulnerability has been resolved: RDMA/hfi1: Prevent panic when SDMA is disabled If the hfi1 module is loaded with HFI1_CAP_SDMA off, a call to hfi1_write_iter() will dereference a NULL pointer and panic. A typical stack frame is: sdma_select_user_engine [hfi1] hfi1_user_sdma_process_request [hfi1] hfi1_write_iter [hfi1] do_iter_readv_writev do_iter_write vfs_writev do_writev do_syscall_64 The fix is to test for SDMA in hfi1_write_iter() and fail the I/O with EINVAL.

CVSS Details

Base Score
5.5
Exploitability
1.8
Impact
3.6
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
15.9% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-476 NULL Pointer Dereference Memory Safety

Affected Products 7

VendorProductVersionRange
linuxlinux_kernel* <4.14.283
linuxlinux_kernel*≥4.15  –  <4.19.247
linuxlinux_kernel*≥4.20  –  <5.4.198
linuxlinux_kernel*≥5.5  –  <5.10.121
linuxlinux_kernel*≥5.11  –  <5.15.46
linuxlinux_kernel*≥5.16  –  <5.17.14
linuxlinux_kernel*≥5.18  –  <5.18.3

References 8

  • git.kernel.org https://git.kernel.org/stable/c/0e4dda8b3f4c07ee9ea670a10ea3171a5e63a86f
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/22e7e400fd1a890db2ea13686324aff50e972f4f
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/29952ab85d6c3fe0b7909d9a737f10c58bf6824d
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/32e6aea33944f364d51cd263e4cd236393a188b6
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/33794e8e9bcb4affc0ebff9cdec85acc8b8a1762
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/629e052d0c98e46dde9f0824f0aa437f678d9b8f
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/cc80d3c37cec9d6ddb140483647901bc7cc6c31d
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/e60ad83f645ee6fadd5a8057ba267aeec54f08fe
    Patch

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/0e4dda8b3f4c07ee9ea670a10ea3171a5e63a86f
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/22e7e400fd1a890db2ea13686324aff50e972f4f
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/29952ab85d6c3fe0b7909d9a737f10c58bf6824d
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/32e6aea33944f364d51cd263e4cd236393a188b6
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/33794e8e9bcb4affc0ebff9cdec85acc8b8a1762
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/629e052d0c98e46dde9f0824f0aa437f678d9b8f
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/cc80d3c37cec9d6ddb140483647901bc7cc6c31d
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/e60ad83f645ee6fadd5a8057ba267aeec54f08fe
    Patch