| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <2025050137-CVE-2022-49832-d04a@gregkh> Date: Thu, 1 May 2025 16:10:22 +0200 From: Greg Kroah-Hartman <gregkh@...uxfoundation.org> To: linux-cve-announce@...r.kernel.org Cc: Greg Kroah-Hartman <gregkh@...nel.org> Subject: CVE-2022-49832: pinctrl: devicetree: fix null pointer dereferencing in pinctrl_dt_to_map From: Greg Kroah-Hartman <gregkh@...nel.org> Description =========== In the Linux kernel, the following vulnerability has been resolved: pinctrl: devicetree: fix null pointer dereferencing in pinctrl_dt_to_map Here is the BUG report by KASAN about null pointer dereference: BUG: KASAN: null-ptr-deref in strcmp+0x2e/0x50 Read of size 1 at addr 0000000000000000 by task python3/2640 Call Trace: strcmp __of_find_property of_find_property pinctrl_dt_to_map kasprintf() would return NULL pointer when kmalloc() fail to allocate. So directly return ENOMEM, if kasprintf() return NULL pointer. The Linux kernel CVE team has assigned CVE-2022-49832 to this issue. Affected and fixed versions =========================== Issue introduced in 3.5 with commit 57291ce295c0aca738dd284c4a9c591c09ebee71 and fixed in 4.9.334 with commit aaf552c5d53abe4659176e099575fe870d2e4768 Issue introduced in 3.5 with commit 57291ce295c0aca738dd284c4a9c591c09ebee71 and fixed in 4.14.300 with commit b4d9f55cd38435358bc16d580612bc0d798d7b4c Issue introduced in 3.5 with commit 57291ce295c0aca738dd284c4a9c591c09ebee71 and fixed in 4.19.267 with commit a988dcd3dd9e691c5ccc3324b209688f3b5453e9 Issue introduced in 3.5 with commit 57291ce295c0aca738dd284c4a9c591c09ebee71 and fixed in 5.4.225 with commit 040f726fecd88121f3b95e70369785ad452dddf9 Issue introduced in 3.5 with commit 57291ce295c0aca738dd284c4a9c591c09ebee71 and fixed in 5.10.156 with commit 777430aa4ddccaa5accec6db90ffc1d47f00d471 Issue introduced in 3.5 with commit 57291ce295c0aca738dd284c4a9c591c09ebee71 and fixed in 5.15.80 with commit 97e5b508e96176f1a73888ed89df396d7041bfcb Issue introduced in 3.5 with commit 57291ce295c0aca738dd284c4a9c591c09ebee71 and fixed in 6.0.10 with commit 5834a3a98cd266ad35a229923c0adbd0addc8d68 Issue introduced in 3.5 with commit 57291ce295c0aca738dd284c4a9c591c09ebee71 and fixed in 6.1 with commit 91d5c5060ee24fe8da88cd585bb43b843d2f0dce Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. Unaffected versions might change over time as fixes are backported to older supported kernel versions. The official CVE entry at https://cve.org/CVERecord/?id=CVE-2022-49832 will be updated if fixes are backported, please check that for the most up to date information about this issue. Affected files ============== The file(s) affected by this issue are: drivers/pinctrl/devicetree.c Mitigation ========== The Linux kernel CVE team recommends that you update to the latest stable kernel version for this, and many other bugfixes. Individual changes are never tested alone, but rather are part of a larger kernel release. Cherry-picking individual commits is not recommended or supported by the Linux kernel community at all. If however, updating to the latest release is impossible, the individual changes to resolve this issue can be found at these commits: https://git.kernel.org/stable/c/aaf552c5d53abe4659176e099575fe870d2e4768 https://git.kernel.org/stable/c/b4d9f55cd38435358bc16d580612bc0d798d7b4c https://git.kernel.org/stable/c/a988dcd3dd9e691c5ccc3324b209688f3b5453e9 https://git.kernel.org/stable/c/040f726fecd88121f3b95e70369785ad452dddf9 https://git.kernel.org/stable/c/777430aa4ddccaa5accec6db90ffc1d47f00d471 https://git.kernel.org/stable/c/97e5b508e96176f1a73888ed89df396d7041bfcb https://git.kernel.org/stable/c/5834a3a98cd266ad35a229923c0adbd0addc8d68 https://git.kernel.org/stable/c/91d5c5060ee24fe8da88cd585bb43b843d2f0dce
Powered by blists - more mailing lists