QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2022-49268

Back to search

CVE-2022-49268

Published: Feb 26, 2025

Modified: May 11, 2026

PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: Intel: Fix NULL ptr dereference when ENOMEM Do not call snd_dma_free_pages() when snd_dma_alloc_pages() returns -ENOMEM because it leads to a NULL pointer dereference bug. The dmesg says: [ T1387] sof-audio-pci-intel-tgl 0000:00:1f.3: error: memory alloc failed: -12 [ T1387] BUG: kernel NULL pointer dereference, address: 0000000000000000 [ T1387] #PF: supervisor read access in kernel mode [ T1387] #PF: error_code(0x0000) - not-present page [ T1387] PGD 0 P4D 0 [ T1387] Oops: 0000 [#1] PREEMPT SMP NOPTI [ T1387] CPU: 6 PID: 1387 Comm: alsa-sink-HDA A Tainted: G W 5.17.0-rc4-superb-owl-00055-g80d47f5de5e3 [ T1387] Hardware name: HP HP Laptop 14s-dq2xxx/87FD, BIOS F.15 09/15/2021 [ T1387] RIP: 0010:dma_free_noncontiguous+0x37/0x80 [ T1387] Code: [... snip ...] [ T1387] RSP: 0000:ffffc90002b87770 EFLAGS: 00010246 [ T1387] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ T1387] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffff888101db30d0 [ T1387] RBP: 00000000fffffff4 R08: 0000000000000000 R09: 0000000000000000 [ T1387] R10: 0000000000000000 R11: ffffc90002b874d0 R12: 0000000000000001 [ T1387] R13: 0000000000058000 R14: ffff888105260c68 R15: ffff888105260828 [ T1387] FS: 00007f42e2ffd640(0000) GS:ffff888466b80000(0000) knlGS:0000000000000000 [ T1387] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ T1387] CR2: 0000000000000000 CR3: 000000014acf0003 CR4: 0000000000770ee0 [ T1387] PKRU: 55555554 [ T1387] Call Trace: [ T1387] <TASK> [ T1387] cl_stream_prepare+0x10a/0x120 [snd_sof_intel_hda_common 146addf995b9279ae7f509621078cccbe4f875e1] [... snip ...] [ T1387] </TASK>

VendorProductVersions

Linux

Linux

affected
d16046ffa6de040bf580a64d5f4d0aa18258a854 - < 01df5f7627f1624d6bb0b8c0870a569b32adfbf8
affected
d16046ffa6de040bf580a64d5f4d0aa18258a854 - < 0c307349fe060971625b856c92f0361b8ea9a120
affected
d16046ffa6de040bf580a64d5f4d0aa18258a854 - < b6094744e261083d3790c3def770ebf5060d383b
affected
d16046ffa6de040bf580a64d5f4d0aa18258a854 - < 09eca322d4118dc26570ca6100fa34e59e5a5143
affected
d16046ffa6de040bf580a64d5f4d0aa18258a854 - < 67f7bd9ff9079c1ee2de58e024fb582905c74c16

+1 more versions

Linux

Linux

affected
5.2
unaffected
0 - < 5.2
unaffected
5.4.189 - <= 5.4.*
unaffected
5.10.110 - <= 5.10.*
unaffected
5.15.33 - <= 5.15.*

+3 more versions

References

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now