CVE-2022-49187

Published: Feb 26, 2025

Modified: May 11, 2026

PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: clk: Fix clk_hw_get_clk() when dev is NULL Any registered clk_core structure can have a NULL pointer in its dev field. While never actually documented, this is evidenced by the wide usage of clk_register and clk_hw_register with a NULL device pointer, and the fact that the core of_clk_hw_register() function also passes a NULL device pointer. A call to clk_hw_get_clk() on a clk_hw struct whose clk_core is in that case will result in a NULL pointer derefence when it calls dev_name() on that NULL device pointer. Add a test for this case and use NULL as the dev_id if the device pointer is NULL.

Vendor	Product	Versions
Linux	Linux	affected `30d6f8c15d2cd877c1f3d47d8a1064649ebe58e2 - < 4be3e4c05d8dd1b83b75652cad88c9e752ec7054` affected `30d6f8c15d2cd877c1f3d47d8a1064649ebe58e2 - < d183f20cf5a7b546d4108e796b98210ceb317579` affected `30d6f8c15d2cd877c1f3d47d8a1064649ebe58e2 - < 23f89fe005b105f0dcc55034c13eb89f9b570fac` affected `30d6f8c15d2cd877c1f3d47d8a1064649ebe58e2 - < 0c1b56df451716ba207bbf59f303473643eee4fd`
Linux	Linux	affected `5.11` unaffected `0 - < 5.11` unaffected `5.15.33 - <= 5.15.` unaffected `5.16.19 - <= 5.16.` unaffected `5.17.2 - <= 5.17.*` +1 more versions

References

https://git.kernel.org/stable/c/4be3e4c05d8dd1b83b75652cad88c9e752ec7054

https://git.kernel.org/stable/c/d183f20cf5a7b546d4108e796b98210ceb317579

https://git.kernel.org/stable/c/23f89fe005b105f0dcc55034c13eb89f9b570fac

https://git.kernel.org/stable/c/0c1b56df451716ba207bbf59f303473643eee4fd

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2022-49187

Description

Affected Products

References