CVE-2022-49492
Published: Feb 26, 2025
Modified: May 11, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: nvme-pci: fix a NULL pointer dereference in nvme_alloc_admin_tags In nvme_alloc_admin_tags, the admin_q can be set to an error (typically -ENOMEM) if the blk_mq_init_queue call fails to set up the queue, which is checked immediately after the call. However, when we return the error message up the stack, to nvme_reset_work the error takes us to nvme_remove_dead_ctrl() nvme_dev_disable() nvme_suspend_queue(&dev->queues[0]). Here, we only check that the admin_q is non-NULL, rather than not an error or NULL, and begin quiescing a queue that never existed, leading to bad / NULL pointer dereference.
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected 35b489d32fcc37e8735f41aa794b24cf9d1e74f5 - < 8321b17789f614414206af07e17ce4751c95dc76affected 35b489d32fcc37e8735f41aa794b24cf9d1e74f5 - < 9e649471b396fa0139d53919354ce1eace9b9a24affected 35b489d32fcc37e8735f41aa794b24cf9d1e74f5 - < 8da2b7bdb47e94bbc4062a3978c708926bcb022caffected 35b489d32fcc37e8735f41aa794b24cf9d1e74f5 - < f76729662650cd7bc8f8194e057af381370349a7affected 35b489d32fcc37e8735f41aa794b24cf9d1e74f5 - < af98940dd33c9f9e1beb4f71c0a39260100e2a65+4 more versions |
Linux | Linux | affected 3.19unaffected 0 - < 3.19unaffected 4.9.318 - <= 4.9.*unaffected 4.14.283 - <= 4.14.*unaffected 4.19.247 - <= 4.19.*+6 more versions |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now