| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <2025061846-CVE-2022-50218-7eca@gregkh> Date: Wed, 18 Jun 2025 13:04:43 +0200 From: Greg Kroah-Hartman <gregkh@...uxfoundation.org> To: linux-cve-announce@...r.kernel.org Cc: Greg Kroah-Hartman <gregkh@...nel.org> Subject: CVE-2022-50218: iio: light: isl29028: Fix the warning in isl29028_remove() From: Greg Kroah-Hartman <gregkh@...nel.org> Description =========== In the Linux kernel, the following vulnerability has been resolved: iio: light: isl29028: Fix the warning in isl29028_remove() The driver use the non-managed form of the register function in isl29028_remove(). To keep the release order as mirroring the ordering in probe, the driver should use non-managed form in probe, too. The following log reveals it: [ 32.374955] isl29028 0-0010: remove [ 32.376861] general protection fault, probably for non-canonical address 0xdffffc0000000006: 0000 [#1] PREEMPT SMP KASAN PTI [ 32.377676] KASAN: null-ptr-deref in range [0x0000000000000030-0x0000000000000037] [ 32.379432] RIP: 0010:kernfs_find_and_get_ns+0x28/0xe0 [ 32.385461] Call Trace: [ 32.385807] sysfs_unmerge_group+0x59/0x110 [ 32.386110] dpm_sysfs_remove+0x58/0xc0 [ 32.386391] device_del+0x296/0xe50 [ 32.386959] cdev_device_del+0x1d/0xd0 [ 32.387231] devm_iio_device_unreg+0x27/0xb0 [ 32.387542] devres_release_group+0x319/0x3d0 [ 32.388162] i2c_device_remove+0x93/0x1f0 The Linux kernel CVE team has assigned CVE-2022-50218 to this issue. Affected and fixed versions =========================== Issue introduced in 4.11 with commit 2db5054ac28d4ab2eaa6c67e2d9f61fa5ba006b8 and fixed in 4.14.291 with commit ca63d5abf404d2934e2ac03545350de7bb8c8e96 Issue introduced in 4.11 with commit 2db5054ac28d4ab2eaa6c67e2d9f61fa5ba006b8 and fixed in 4.19.256 with commit 359f3b150eab30805fe0e4e9d616887d7257a625 Issue introduced in 4.11 with commit 2db5054ac28d4ab2eaa6c67e2d9f61fa5ba006b8 and fixed in 5.4.211 with commit ed43fb20d3d1fca9d79db0d5faf4321a4dd58c23 Issue introduced in 4.11 with commit 2db5054ac28d4ab2eaa6c67e2d9f61fa5ba006b8 and fixed in 5.10.137 with commit fb1888205c0782f287e5dd4ffff1f665332e868c Issue introduced in 4.11 with commit 2db5054ac28d4ab2eaa6c67e2d9f61fa5ba006b8 and fixed in 5.15.61 with commit fac589fb764699a4bcd288f6656b8cd0408ea968 Issue introduced in 4.11 with commit 2db5054ac28d4ab2eaa6c67e2d9f61fa5ba006b8 and fixed in 5.18.18 with commit 4f0ebfb4b9bfad2326c0b2c3cc7e37f4b9ee9eba Issue introduced in 4.11 with commit 2db5054ac28d4ab2eaa6c67e2d9f61fa5ba006b8 and fixed in 5.19.2 with commit a1135205b0affd255510775a27df571aca84ab4b Issue introduced in 4.11 with commit 2db5054ac28d4ab2eaa6c67e2d9f61fa5ba006b8 and fixed in 6.0 with commit 06674fc7c003b9d0aa1d37fef7ab2c24802cc6ad Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. Unaffected versions might change over time as fixes are backported to older supported kernel versions. The official CVE entry at https://cve.org/CVERecord/?id=CVE-2022-50218 will be updated if fixes are backported, please check that for the most up to date information about this issue. Affected files ============== The file(s) affected by this issue are: drivers/iio/light/isl29028.c Mitigation ========== The Linux kernel CVE team recommends that you update to the latest stable kernel version for this, and many other bugfixes. Individual changes are never tested alone, but rather are part of a larger kernel release. Cherry-picking individual commits is not recommended or supported by the Linux kernel community at all. If however, updating to the latest release is impossible, the individual changes to resolve this issue can be found at these commits: https://git.kernel.org/stable/c/ca63d5abf404d2934e2ac03545350de7bb8c8e96 https://git.kernel.org/stable/c/359f3b150eab30805fe0e4e9d616887d7257a625 https://git.kernel.org/stable/c/ed43fb20d3d1fca9d79db0d5faf4321a4dd58c23 https://git.kernel.org/stable/c/fb1888205c0782f287e5dd4ffff1f665332e868c https://git.kernel.org/stable/c/fac589fb764699a4bcd288f6656b8cd0408ea968 https://git.kernel.org/stable/c/4f0ebfb4b9bfad2326c0b2c3cc7e37f4b9ee9eba https://git.kernel.org/stable/c/a1135205b0affd255510775a27df571aca84ab4b https://git.kernel.org/stable/c/06674fc7c003b9d0aa1d37fef7ab2c24802cc6ad
Powered by blists - more mailing lists