CVE-2022-49806 Information

May 02, 2025 cve

Description

In the Linux kernel the following vulnerability has been resolved:

net: microchip: sparx5: Fix potential null-ptr-deref in sparx_stats_init() and sparx5_start()

sparx_stats_init() calls create_singlethread_workqueue() and not checked the ret value which may return NULL. And a null-ptr-deref may happen:

sparx_stats_init() create_singlethread_workqueue() failed sparx5->stats_queue is NULL queue_delayed_work() queue_delayed_work_on() __queue_delayed_work() warning here but continue __queue_work() access wq->flags null-ptr-deref

Check the ret value and return -ENOMEM if it is NULL. So as sparx5_start().

Reference

https://git.kernel.org/stable/c/456327e565dc49d18b2f595f39f47df8a36f1057 https://git.kernel.org/stable/c/639f5d006e36bb303f525d9479448c412b720c39 https://git.kernel.org/stable/c/80e590aeb132887102c3fa79d99b338f099dc952

Share on: