CVE-2022-48703 Information

Description

In the Linux kernel the following vulnerability has been resolved:

thermal/int340x_thermal: handle data_vault when the value is ZERO_SIZE_PTR

In some case the GDDV returns a package with a buffer which has zero length. It causes that kmemdup() returns ZERO_SIZE_PTR (0x10).

Then the data_vault_read() got NULL point dereference problem when accessing the 0x10 value in data_vault.

[ 71.024560] BUG: kernel NULL pointer dereference address: 0000000000000010

This patch uses ZERO_OR_NULL_PTR() for checking ZERO_SIZE_PTR or NULL value in data_vault.

Reference

https://git.kernel.org/stable/c/dae42083b045a4ddf71c57cf350cb2412b5915c2 https://git.kernel.org/stable/c/7931e28098a4c1a2a6802510b0cbe57546d2049d