CVE-2022-48841

In the Linux kernel, the following vulnerability has been resolved: ice: fix NULL pointer dereference in ice_update_vsi_tx_ring_stats() It is possible to do NULL pointer dereference in routine that updates Tx ring stats. Currently only stats and bytes are updated when ring pointer is valid, but later on ring is accessed to propagate gathered Tx stats onto VSI stats. Change the existing logic to move to next ring when ring is NULL.

CVSS v3 5.5 MEDIUM

5.5^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://git.kernel.org/stable/c/2397270ec97c5e3009a58ac110a25e1869e9d6ff	Mailing List Patch
https://git.kernel.org/stable/c/f153546913bada41a811722f2c6d17c3243a0333	Mailing List Patch

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel:5.17:rc1::::::
	cpe:2.3:o:linux:linux_kernel:5.17:rc2::::::
	cpe:2.3:o:linux:linux_kernel:5.17:rc3::::::
	cpe:2.3:o:linux:linux_kernel:5.17:rc4::::::
	cpe:2.3:o:linux:linux_kernel:5.17:rc5::::::
	cpe:2.3:o:linux:linux_kernel:5.17:rc6::::::
	cpe:2.3:o:linux:linux_kernel:5.17:rc7::::::
	cpe:2.3:o:linux:linux_kernel:5.17:rc8::::::

History

No history.

Information

Published : 2024-07-16 13:15

Updated : 2024-07-17 20:31

NVD link : CVE-2022-48841

Mitre link : CVE-2022-48841

CVE.ORG link : CVE-2022-48841

JSON object : View

Products Affected

linux

linux_kernel

CWE

CWE-476

NULL Pointer Dereference

{"id": "CVE-2022-48841", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 1.8}]}, "published": "2024-07-16T13:15:11.513", "references": [{"url": "https://git.kernel.org/stable/c/2397270ec97c5e3009a58ac110a25e1869e9d6ff", "tags": ["Mailing List", "Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/f153546913bada41a811722f2c6d17c3243a0333", "tags": ["Mailing List", "Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-476"}]}], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nice: fix NULL pointer dereference in ice_update_vsi_tx_ring_stats()\n\nIt is possible to do NULL pointer dereference in routine that updates\nTx ring stats. Currently only stats and bytes are updated when ring\npointer is valid, but later on ring is accessed to propagate gathered Tx\nstats onto VSI stats.\n\nChange the existing logic to move to next ring when ring is NULL."}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: ice: corrige la desreferencia del puntero NULL en ice_update_vsi_tx_ring_stats() Es posible realizar la desreferencia del puntero NULL en la rutina que actualiza las estad\u00edsticas del anillo Tx. Actualmente, solo se actualizan las estad\u00edsticas y los bytes cuando el puntero del anillo es v\u00e1lido, pero m\u00e1s adelante se accede al anillo para propagar las estad\u00edsticas de Tx recopiladas en las estad\u00edsticas de VSI. Cambie la l\u00f3gica existente para pasar al siguiente anillo cuando el anillo sea NULL."}], "lastModified": "2024-07-17T20:31:28.440", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "173AD596-53A7-4863-BF97-0E7B94AFDB85", "versionEndExcluding": "5.16.17"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:5.17:rc1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7BD5F8D9-54FA-4CB0-B4F0-CB0471FDDB2D"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:5.17:rc2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E6E34B23-78B4-4516-9BD8-61B33F4AC49A"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:5.17:rc3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C030FA3D-03F4-4FB9-9DBF-D08E5CAC51AA"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:5.17:rc4:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B2D2677C-5389-4AE9-869D-0F881E80D923"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:5.17:rc5:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EFA3917C-C322-4D92-912D-ECE45B2E7416"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:5.17:rc6:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BED18363-5ABC-4639-8BBA-68E771E5BB3F"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:5.17:rc7:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7F635F96-FA0A-4769-ADE8-232B3AC9116D"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:5.17:rc8:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FD39FE73-2A9D-4C92-AE7A-CA22F84B228D"}], "operator": "OR"}]}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}