CVE-2022-48663 - OpenCVE

In the Linux kernel, the following vulnerability has been resolved: gpio: mockup: fix NULL pointer dereference when removing debugfs We now remove the device's debugfs entries when unbinding the driver. This now causes a NULL-pointer dereference on module exit because the platform devices are unregistered *after* the global debugfs directory has been recursively removed. Fix it by unregistering the devices first.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

No data.

No data.

No data.

References

Link	Providers
https://git.kernel.org/stable/c/18352095a0d581f6aeb1e9fc9d68cc0152cd64b4
https://git.kernel.org/stable/c/af0bfabf06c74c260265c30ba81a34e7dec0e881
https://git.kernel.org/stable/c/b7df41a6f79dfb18ba2203f8c5f0e9c0b9b57f68
https://git.kernel.org/stable/c/bdea98b98f844bd8a983ca880893e509a8b4162f
https://lore.kernel.org/linux-cve-announce/2024042801-CVE-2022-48663-397d@gregkh/T
https://nvd.nist.gov/vuln/detail/CVE-2022-48663
https://www.cve.org/CVERecord?id=CVE-2022-48663

History

Thu, 12 Sep 2024 20:30:00 +0000

Type	Values Removed	Values Added
Metrics	ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Wed, 11 Sep 2024 13:30:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2024-04-28T13:01:36.158Z

Updated: 2024-09-11T17:33:54.124Z

Reserved: 2024-02-25T13:44:28.320Z

Link: CVE-2022-48663

Vulnrichment

Updated: 2024-08-03T15:17:55.854Z

NVD

Status : Awaiting Analysis

Published: 2024-04-28T13:15:07.980

Modified: 2024-04-29T12:42:03.667

Link: CVE-2022-48663

Redhat

Severity : Low

Publid Date: 2024-04-28T00:00:00Z

Links: CVE-2022-48663 - Bugzilla

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2022-48663", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-02-25T13:44:28.320Z", "datePublished": "2024-04-28T13:01:36.158Z", "dateUpdated": "2024-09-11T17:33:54.124Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-05-29T05:11:06.124Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ngpio: mockup: fix NULL pointer dereference when removing debugfs\n\nWe now remove the device's debugfs entries when unbinding the driver.\nThis now causes a NULL-pointer dereference on module exit because the\nplatform devices are unregistered *after* the global debugfs directory\nhas been recursively removed. Fix it by unregistering the devices first."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/gpio/gpio-mockup.c"], "versions": [{"version": "3815e66c2183", "lessThan": "bdea98b98f84", "status": "affected", "versionType": "git"}, {"version": "3a10e8edee2b", "lessThan": "18352095a0d5", "status": "affected", "versionType": "git"}, {"version": "bc55c1677edb", "lessThan": "af0bfabf06c7", "status": "affected", "versionType": "git"}, {"version": "303e6da99429", "lessThan": "b7df41a6f79d", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/gpio/gpio-mockup.c"], "versions": [{"version": "5.10.144", "lessThan": "5.10.146", "status": "affected", "versionType": "custom"}, {"version": "5.15.69", "lessThan": "5.15.71", "status": "affected", "versionType": "custom"}, {"version": "5.19.10", "lessThan": "5.19.12", "status": "affected", "versionType": "custom"}]}], "references": [{"url": "https://git.kernel.org/stable/c/bdea98b98f844bd8a983ca880893e509a8b4162f"}, {"url": "https://git.kernel.org/stable/c/18352095a0d581f6aeb1e9fc9d68cc0152cd64b4"}, {"url": "https://git.kernel.org/stable/c/af0bfabf06c74c260265c30ba81a34e7dec0e881"}, {"url": "https://git.kernel.org/stable/c/b7df41a6f79dfb18ba2203f8c5f0e9c0b9b57f68"}], "title": "gpio: mockup: fix NULL pointer dereference when removing debugfs", "x_generator": {"engine": "bippy-a5840b7849dd"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T15:17:55.854Z"}, "title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/bdea98b98f844bd8a983ca880893e509a8b4162f", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/18352095a0d581f6aeb1e9fc9d68cc0152cd64b4", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/af0bfabf06c74c260265c30ba81a34e7dec0e881", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/b7df41a6f79dfb18ba2203f8c5f0e9c0b9b57f68", "tags": ["x_transferred"]}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2022-48663", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-10T15:45:58.565669Z"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-11T17:33:54.124Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/bdea98b98f844bd8a983ca880893e509a8b4162f", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/18352095a0d581f6aeb1e9fc9d68cc0152cd64b4", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/af0bfabf06c74c260265c30ba81a34e7dec0e881", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/b7df41a6f79dfb18ba2203f8c5f0e9c0b9b57f68", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T15:17:55.854Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2022-48663", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-10T15:45:58.565669Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-11T12:42:19.515Z"}}], "cna": {"title": "gpio: mockup: fix NULL pointer dereference when removing debugfs", "affected": [{"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "3815e66c2183", "lessThan": "bdea98b98f84", "versionType": "git"}, {"status": "affected", "version": "3a10e8edee2b", "lessThan": "18352095a0d5", "versionType": "git"}, {"status": "affected", "version": "bc55c1677edb", "lessThan": "af0bfabf06c7", "versionType": "git"}, {"status": "affected", "version": "303e6da99429", "lessThan": "b7df41a6f79d", "versionType": "git"}], "programFiles": ["drivers/gpio/gpio-mockup.c"], "defaultStatus": "unaffected"}, {"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "5.10.144", "lessThan": "5.10.146", "versionType": "custom"}, {"status": "affected", "version": "5.15.69", "lessThan": "5.15.71", "versionType": "custom"}, {"status": "affected", "version": "5.19.10", "lessThan": "5.19.12", "versionType": "custom"}], "programFiles": ["drivers/gpio/gpio-mockup.c"], "defaultStatus": "unaffected"}], "references": [{"url": "https://git.kernel.org/stable/c/bdea98b98f844bd8a983ca880893e509a8b4162f"}, {"url": "https://git.kernel.org/stable/c/18352095a0d581f6aeb1e9fc9d68cc0152cd64b4"}, {"url": "https://git.kernel.org/stable/c/af0bfabf06c74c260265c30ba81a34e7dec0e881"}, {"url": "https://git.kernel.org/stable/c/b7df41a6f79dfb18ba2203f8c5f0e9c0b9b57f68"}], "x_generator": {"engine": "bippy-a5840b7849dd"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ngpio: mockup: fix NULL pointer dereference when removing debugfs\n\nWe now remove the device's debugfs entries when unbinding the driver.\nThis now causes a NULL-pointer dereference on module exit because the\nplatform devices are unregistered *after* the global debugfs directory\nhas been recursively removed. Fix it by unregistering the devices first."}], "providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-05-29T05:11:06.124Z"}}}, "cveMetadata": {"cveId": "CVE-2022-48663", "state": "PUBLISHED", "dateUpdated": "2024-09-11T17:33:54.124Z", "dateReserved": "2024-02-25T13:44:28.320Z", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "datePublished": "2024-04-28T13:01:36.158Z", "assignerShortName": "Linux"}, "dataVersion": "5.1"}

{"bugzilla": {"description": "kernel: gpio: mockup: fix NULL pointer dereference when removing debugfs", "id": "2277797", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2277797"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.5", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "status": "draft"}, "cwe": "CWE-476", "details": ["In the Linux kernel, the following vulnerability has been resolved:\ngpio: mockup: fix NULL pointer dereference when removing debugfs\nWe now remove the device's debugfs entries when unbinding the driver.\nThis now causes a NULL-pointer dereference on module exit because the\nplatform devices are unregistered *after* the global debugfs directory\nhas been recursively removed. Fix it by unregistering the devices first."], "name": "CVE-2022-48663", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-04-28T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2022-48663\nhttps://nvd.nist.gov/vuln/detail/CVE-2022-48663\nhttps://lore.kernel.org/linux-cve-announce/2024042801-CVE-2022-48663-397d@gregkh/T"], "statement": "Red Hat Enterprise Linux 8 is not affected by this vulnerability as the affected source code is not enabled by default.", "threat_severity": "Low", "upstream_fix": "kernel 5.10.146, kernel 5.15.71, kernel 5.19.12"}