CVE-2022-48977
Published: Oct 21, 2024
Modified: May 23, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: can: af_can: fix NULL pointer dereference in can_rcv_filter Analogue to commit 8aa59e355949 ("can: af_can: fix NULL pointer dereference in can_rx_register()") we need to check for a missing initialization of ml_priv in the receive path of CAN frames. Since commit 4e096a18867a ("net: introduce CAN specific pointer in the struct net_device") the check for dev->type to be ARPHRD_CAN is not sufficient anymore since bonding or tun netdevices claim to be CAN devices but do not initialize ml_priv accordingly.
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected 4ac1feff6ea6495cbfd336f4438a6c6d140544a6 - < 3982652957e8d79ac32efcb725450580650a8644affected 1a5751d58b14195f763b8c1d9ef33fb8a93e95e7 - < c42221efb1159d6a3c89e96685ee38acdce86b6faffected 4e096a18867a5a989b510f6999d9c6b6622e8f7b - < c142cba37de29f740a3852f01f59876af8ae462aaffected 4e096a18867a5a989b510f6999d9c6b6622e8f7b - < fcc63f2f7ee3038d53216edd0d8291e57c752557affected 4e096a18867a5a989b510f6999d9c6b6622e8f7b - < 0acc442309a0a1b01bcdaa135e56e6398a49439c+4 more versions |
Linux | Linux | affected 5.12unaffected 0 - < 5.12unaffected 5.4.227 - <= 5.4.*unaffected 5.10.159 - <= 5.10.*unaffected 5.15.83 - <= 5.15.*+2 more versions |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now