CVE-2022-49010
hwmon: (coretemp) Check for null before removing sysfs attrs
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
In the Linux kernel, the following vulnerability has been resolved:
hwmon: (coretemp) Check for null before removing sysfs attrs
If coretemp_add_core() gets an error then pdata->core_data[indx]
is already NULL and has been kfreed. Don't pass that to
sysfs_remove_group() as that will crash in sysfs_remove_group().
[Shortened for readability]
[91854.020159] sysfs: cannot create duplicate filename '/devices/platform/coretemp.0/hwmon/hwmon2/temp20_label'
<cpu offline>
[91855.126115] BUG: kernel NULL pointer dereference, address: 0000000000000188
[91855.165103] #PF: supervisor read access in kernel mode
[91855.194506] #PF: error_code(0x0000) - not-present page
[91855.224445] PGD 0 P4D 0
[91855.238508] Oops: 0000 [#1] PREEMPT SMP PTI
...
[91855.342716] RIP: 0010:sysfs_remove_group+0xc/0x80
...
[91855.796571] Call Trace:
[91855.810524] coretemp_cpu_offline+0x12b/0x1dd [coretemp]
[91855.841738] ? coretemp_cpu_online+0x180/0x180 [coretemp]
[91855.871107] cpuhp_invoke_callback+0x105/0x4b0
[91855.893432] cpuhp_thread_fun+0x8e/0x150
...
Fix this by checking for NULL first.
CVSS Scores
SSVC
- Decision:Track
Timeline
- 2024-08-22 CVE Reserved
- 2024-10-21 CVE Published
- 2024-10-25 EPSS Updated
- 2024-11-04 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-476: NULL Pointer Dereference
CAPEC
References (11)
| URL | Tag | Source |
|---|---|---|
| https://git.kernel.org/stable/c/199e0de7f5df31a4fc485d4aaaf8a07718252ace | Vuln. Introduced |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://access.redhat.com/security/cve/CVE-2022-49010 | 2023-05-16 | |
| https://bugzilla.redhat.com/show_bug.cgi?id=2320780 | 2023-05-16 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 3.0 < 4.9.335 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.0 < 4.9.335" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 3.0 < 4.14.301 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.0 < 4.14.301" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 3.0 < 4.19.268 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.0 < 4.19.268" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 3.0 < 5.4.226 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.0 < 5.4.226" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 3.0 < 5.10.158 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.0 < 5.10.158" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 3.0 < 5.15.82 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.0 < 5.15.82" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 3.0 < 6.0.12 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.0 < 6.0.12" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 3.0 < 6.1 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.0 < 6.1" | en |
Affected
| ||||||