CVE-2022-48772
Published: Jun 25, 2024
Modified: May 11, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: media: lgdt3306a: Add a check against null-pointer-def The driver should check whether the client provides the platform_data. The following log reveals it: [ 29.610324] BUG: KASAN: null-ptr-deref in kmemdup+0x30/0x40 [ 29.610730] Read of size 40 at addr 0000000000000000 by task bash/414 [ 29.612820] Call Trace: [ 29.613030] <TASK> [ 29.613201] dump_stack_lvl+0x56/0x6f [ 29.613496] ? kmemdup+0x30/0x40 [ 29.613754] print_report.cold+0x494/0x6b7 [ 29.614082] ? kmemdup+0x30/0x40 [ 29.614340] kasan_report+0x8a/0x190 [ 29.614628] ? kmemdup+0x30/0x40 [ 29.614888] kasan_check_range+0x14d/0x1d0 [ 29.615213] memcpy+0x20/0x60 [ 29.615454] kmemdup+0x30/0x40 [ 29.615700] lgdt3306a_probe+0x52/0x310 [ 29.616339] i2c_device_probe+0x951/0xa90
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected 4f75189024f4186a7ff9d56f4a8cb690774412ec - < 8915dcd29a82096acacf54364a8425363782aea0affected 4f75189024f4186a7ff9d56f4a8cb690774412ec - < b479fd59a1f4a342b69fce34f222d93bf791dca4affected 4f75189024f4186a7ff9d56f4a8cb690774412ec - < 526238d32c3acc3d597fd8c9a34652bfe9086ceaaffected 4f75189024f4186a7ff9d56f4a8cb690774412ec - < d082757b8359201c3864323cea4b91ea30a1e676affected 4f75189024f4186a7ff9d56f4a8cb690774412ec - < 7d12e918f2994c883f41f22552a61b9310fa1e87+2 more versions |
Linux | Linux | affected 4.11unaffected 0 - < 4.11unaffected 5.4.278 - <= 5.4.*unaffected 5.10.219 - <= 5.10.*unaffected 5.15.161 - <= 5.15.*+4 more versions |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now