{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2022-48891", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-08-21T06:06:23.290Z", "datePublished": "2024-08-21T06:10:23.318Z", "dateUpdated": "2024-09-12T17:33:06.401Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-08-21T06:10:23.318Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nregulator: da9211: Use irq handler when ready\n\nIf the system does not come from reset (like when it is kexec()), the\nregulator might have an IRQ waiting for us.\n\nIf we enable the IRQ handler before its structures are ready, we crash.\n\nThis patch fixes:\n\n[ 1.141839] Unable to handle kernel read from unreadable memory at virtual address 0000000000000078\n[ 1.316096] Call trace:\n[ 1.316101] blocking_notifier_call_chain+0x20/0xa8\n[ 1.322757] cpu cpu0: dummy supplies not allowed for exclusive requests\n[ 1.327823] regulator_notifier_call_chain+0x1c/0x2c\n[ 1.327825] da9211_irq_handler+0x68/0xf8\n[ 1.327829] irq_thread+0x11c/0x234\n[ 1.327833] kthread+0x13c/0x154"}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/regulator/da9211-regulator.c"], "versions": [{"version": "1da177e4c3f4", "lessThan": "1c1afcb8839b", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f4", "lessThan": "f75cde714e0a", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f4", "lessThan": "d443308edbfb", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f4", "lessThan": "d4aa749e0464", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f4", "lessThan": "470f6a9175f1", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f4", "lessThan": "ad1336274f73", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f4", "lessThan": "02228f6aa6a6", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/regulator/da9211-regulator.c"], "versions": [{"version": "4.14.303", "lessThanOrEqual": "4.14.*", "status": "unaffected", "versionType": "custom"}, {"version": "4.19.270", "lessThanOrEqual": "4.19.*", "status": "unaffected", "versionType": "custom"}, {"version": "5.4.229", "lessThanOrEqual": "5.4.*", "status": "unaffected", "versionType": "custom"}, {"version": "5.10.164", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "custom"}, {"version": "5.15.89", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "custom"}, {"version": "6.1.7", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "custom"}, {"version": "6.2", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "references": [{"url": "https://git.kernel.org/stable/c/1c1afcb8839b91c09d211ea304faa269763b1f91"}, {"url": "https://git.kernel.org/stable/c/f75cde714e0a67f73ef169aa50d4ed77d04f7236"}, {"url": "https://git.kernel.org/stable/c/d443308edbfb6e9e757b478af908515110d1efd5"}, {"url": "https://git.kernel.org/stable/c/d4aa749e046435f054e94ebf50cad143d6229fae"}, {"url": "https://git.kernel.org/stable/c/470f6a9175f13a53810734658c35cc5bba33be01"}, {"url": "https://git.kernel.org/stable/c/ad1336274f733a7cb1f87b5c5908165a2c14df53"}, {"url": "https://git.kernel.org/stable/c/02228f6aa6a64d588bc31e3267d05ff184d772eb"}], "title": "regulator: da9211: Use irq handler when ready", "x_generator": {"engine": "bippy-c9c4e1df01b2"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2022-48891", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-10T16:04:22.121781Z"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-12T17:33:06.401Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2022-48891", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-10T16:04:22.121781Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-11T12:42:14.850Z"}}], "cna": {"title": "regulator: da9211: Use irq handler when ready", "affected": [{"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "1da177e4c3f4", "lessThan": "1c1afcb8839b", "versionType": "git"}, {"status": "affected", "version": "1da177e4c3f4", "lessThan": "f75cde714e0a", "versionType": "git"}, {"status": "affected", "version": "1da177e4c3f4", "lessThan": "d443308edbfb", "versionType": "git"}, {"status": "affected", "version": "1da177e4c3f4", "lessThan": "d4aa749e0464", "versionType": "git"}, {"status": "affected", "version": "1da177e4c3f4", "lessThan": "470f6a9175f1", "versionType": "git"}, {"status": "affected", "version": "1da177e4c3f4", "lessThan": "ad1336274f73", "versionType": "git"}, {"status": "affected", "version": "1da177e4c3f4", "lessThan": "02228f6aa6a6", "versionType": "git"}], "programFiles": ["drivers/regulator/da9211-regulator.c"], "defaultStatus": "unaffected"}, {"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "unaffected", "version": "4.14.303", "versionType": "custom", "lessThanOrEqual": "4.14.*"}, {"status": "unaffected", "version": "4.19.270", "versionType": "custom", "lessThanOrEqual": "4.19.*"}, {"status": "unaffected", "version": "5.4.229", "versionType": "custom", "lessThanOrEqual": "5.4.*"}, {"status": "unaffected", "version": "5.10.164", "versionType": "custom", "lessThanOrEqual": "5.10.*"}, {"status": "unaffected", "version": "5.15.89", "versionType": "custom", "lessThanOrEqual": "5.15.*"}, {"status": "unaffected", "version": "6.1.7", "versionType": "custom", "lessThanOrEqual": "6.1.*"}, {"status": "unaffected", "version": "6.2", "versionType": "original_commit_for_fix", "lessThanOrEqual": "*"}], "programFiles": ["drivers/regulator/da9211-regulator.c"], "defaultStatus": "affected"}], "references": [{"url": "https://git.kernel.org/stable/c/1c1afcb8839b91c09d211ea304faa269763b1f91"}, {"url": "https://git.kernel.org/stable/c/f75cde714e0a67f73ef169aa50d4ed77d04f7236"}, {"url": "https://git.kernel.org/stable/c/d443308edbfb6e9e757b478af908515110d1efd5"}, {"url": "https://git.kernel.org/stable/c/d4aa749e046435f054e94ebf50cad143d6229fae"}, {"url": "https://git.kernel.org/stable/c/470f6a9175f13a53810734658c35cc5bba33be01"}, {"url": "https://git.kernel.org/stable/c/ad1336274f733a7cb1f87b5c5908165a2c14df53"}, {"url": "https://git.kernel.org/stable/c/02228f6aa6a64d588bc31e3267d05ff184d772eb"}], "x_generator": {"engine": "bippy-c9c4e1df01b2"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nregulator: da9211: Use irq handler when ready\n\nIf the system does not come from reset (like when it is kexec()), the\nregulator might have an IRQ waiting for us.\n\nIf we enable the IRQ handler before its structures are ready, we crash.\n\nThis patch fixes:\n\n[ 1.141839] Unable to handle kernel read from unreadable memory at virtual address 0000000000000078\n[ 1.316096] Call trace:\n[ 1.316101] blocking_notifier_call_chain+0x20/0xa8\n[ 1.322757] cpu cpu0: dummy supplies not allowed for exclusive requests\n[ 1.327823] regulator_notifier_call_chain+0x1c/0x2c\n[ 1.327825] da9211_irq_handler+0x68/0xf8\n[ 1.327829] irq_thread+0x11c/0x234\n[ 1.327833] kthread+0x13c/0x154"}], "providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-08-21T06:10:23.318Z"}}}, "cveMetadata": {"cveId": "CVE-2022-48891", "state": "PUBLISHED", "dateUpdated": "2024-09-12T17:33:06.401Z", "dateReserved": "2024-08-21T06:06:23.290Z", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "datePublished": "2024-08-21T06:10:23.318Z", "assignerShortName": "Linux"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "201B76DB-8AF9-4EC9-BE08-907DEFA3435E", "versionEndExcluding": "4.14.303", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "AE8904A3-99BE-4E49-9682-1F90A6373F4F", "versionEndExcluding": "4.19.270", "versionStartIncluding": "4.15", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "A0C0D95E-414A-445E-941B-3EF6A4D3A093", "versionEndExcluding": "5.4.229", "versionStartIncluding": "4.20", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "CA742E66-32D2-459E-AB19-171C4DB3B1F4", "versionEndExcluding": "5.10.164", "versionStartIncluding": "5.5", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "E706841F-E788-4316-9B05-DA8EB60CE6B3", "versionEndExcluding": "5.15.89", "versionStartIncluding": "5.11", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "9275C81F-AE96-4CDB-AD20-7DBD36E5D909", "versionEndExcluding": "6.1.7", "versionStartIncluding": "5.16", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.2:rc1:*:*:*:*:*:*", "matchCriteriaId": "FF501633-2F44-4913-A8EE-B021929F49F6", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.2:rc2:*:*:*:*:*:*", "matchCriteriaId": "2BDA597B-CAC1-4DF0-86F0-42E142C654E9", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.2:rc3:*:*:*:*:*:*", "matchCriteriaId": "725C78C9-12CE-406F-ABE8-0813A01D66E8", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nregulator: da9211: Use irq handler when ready\n\nIf the system does not come from reset (like when it is kexec()), the\nregulator might have an IRQ waiting for us.\n\nIf we enable the IRQ handler before its structures are ready, we crash.\n\nThis patch fixes:\n\n[ 1.141839] Unable to handle kernel read from unreadable memory at virtual address 0000000000000078\n[ 1.316096] Call trace:\n[ 1.316101] blocking_notifier_call_chain+0x20/0xa8\n[ 1.322757] cpu cpu0: dummy supplies not allowed for exclusive requests\n[ 1.327823] regulator_notifier_call_chain+0x1c/0x2c\n[ 1.327825] da9211_irq_handler+0x68/0xf8\n[ 1.327829] irq_thread+0x11c/0x234\n[ 1.327833] kthread+0x13c/0x154"}, {"lang": "es", "value": "En el kernel de Linux se ha solucionado la siguiente vulnerabilidad: regulator: da9211: Usar irq handler cuando est\u00e9 listo Si el sistema no viene del reset (como cuando es kexec()), es posible que el regulador tenga una IRQ esper\u00e1ndonos. Si habilitamos el controlador IRQ antes de que sus estructuras est\u00e9n listas, fallamos. Este parche corrige: [1.141839] No se puede manejar la lectura del kernel desde una memoria ilegible en la direcci\u00f3n virtual 0000000000000078 [1.316096] Rastreo de llamadas: [1.316101] blocking_notifier_call_chain+0x20/0xa8 [ 1.322757] cpu cpu0: suministros ficticios no permitidos para solicitudes exclusivas [ 1.327 823] regulador_notificador_call_chain +0x1c/0x2c [ 1.327825] da9211_irq_handler+0x68/0xf8 [ 1.327829] irq_thread+0x11c/0x234 [ 1.327833] kthread+0x13c/0x154"}], "id": "CVE-2022-48891", "lastModified": "2024-09-06T15:39:03.433", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-08-21T07:15:05.360", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/02228f6aa6a64d588bc31e3267d05ff184d772eb"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/1c1afcb8839b91c09d211ea304faa269763b1f91"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/470f6a9175f13a53810734658c35cc5bba33be01"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/ad1336274f733a7cb1f87b5c5908165a2c14df53"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/d443308edbfb6e9e757b478af908515110d1efd5"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/d4aa749e046435f054e94ebf50cad143d6229fae"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/f75cde714e0a67f73ef169aa50d4ed77d04f7236"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "kernel: regulator: da9211: Use irq handler when ready", "id": "2306412", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2306412"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.5", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "status": "draft"}, "cwe": "CWE-99", "details": ["In the Linux kernel, the following vulnerability has been resolved:\nregulator: da9211: Use irq handler when ready\nIf the system does not come from reset (like when it is kexec()), the\nregulator might have an IRQ waiting for us.\nIf we enable the IRQ handler before its structures are ready, we crash.\nThis patch fixes:\n[ 1.141839] Unable to handle kernel read from unreadable memory at virtual address 0000000000000078\n[ 1.316096] Call trace:\n[ 1.316101] blocking_notifier_call_chain+0x20/0xa8\n[ 1.322757] cpu cpu0: dummy supplies not allowed for exclusive requests\n[ 1.327823] regulator_notifier_call_chain+0x1c/0x2c\n[ 1.327825] da9211_irq_handler+0x68/0xf8\n[ 1.327829] irq_thread+0x11c/0x234\n[ 1.327833] kthread+0x13c/0x154"], "name": "CVE-2022-48891", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-08-21T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2022-48891\nhttps://nvd.nist.gov/vuln/detail/CVE-2022-48891\nhttps://lore.kernel.org/linux-cve-announce/2024082109-CVE-2022-48891-e463@gregkh/T"], "threat_severity": "Moderate"}