We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Crisp.chat (Helpdesk and Chat)

Ok

THREATINT
PUBLISHED

CVE-2022-49010

hwmon: (coretemp) Check for null before removing sysfs attrs



Description

In the Linux kernel, the following vulnerability has been resolved: hwmon: (coretemp) Check for null before removing sysfs attrs If coretemp_add_core() gets an error then pdata->core_data[indx] is already NULL and has been kfreed. Don't pass that to sysfs_remove_group() as that will crash in sysfs_remove_group(). [Shortened for readability] [91854.020159] sysfs: cannot create duplicate filename '/devices/platform/coretemp.0/hwmon/hwmon2/temp20_label' <cpu offline> [91855.126115] BUG: kernel NULL pointer dereference, address: 0000000000000188 [91855.165103] #PF: supervisor read access in kernel mode [91855.194506] #PF: error_code(0x0000) - not-present page [91855.224445] PGD 0 P4D 0 [91855.238508] Oops: 0000 [#1] PREEMPT SMP PTI ... [91855.342716] RIP: 0010:sysfs_remove_group+0xc/0x80 ... [91855.796571] Call Trace: [91855.810524] coretemp_cpu_offline+0x12b/0x1dd [coretemp] [91855.841738] ? coretemp_cpu_online+0x180/0x180 [coretemp] [91855.871107] cpuhp_invoke_callback+0x105/0x4b0 [91855.893432] cpuhp_thread_fun+0x8e/0x150 ... Fix this by checking for NULL first.

Reserved 2024-08-22 | Published 2024-10-21 | Updated 2024-11-04 | Assigner Linux

Product status

Default status
unaffected

199e0de7f5df before fb503d077ff7
affected

199e0de7f5df before 070d5ea4a059
affected

199e0de7f5df before 280110db1a7d
affected

199e0de7f5df before 89eecabe6a47
affected

199e0de7f5df before f06e0cd01eab
affected

199e0de7f5df before 7692700ac818
affected

199e0de7f5df before ae6c8b6e5d56
affected

199e0de7f5df before a89ff5f5cc64
affected

Default status
affected

3.0
affected

Any version before 3.0
unaffected

4.9.335
unaffected

4.14.301
unaffected

4.19.268
unaffected

5.4.226
unaffected

5.10.158
unaffected

5.15.82
unaffected

6.0.12
unaffected

6.1
unaffected

References

git.kernel.org/...c/fb503d077ff7b43913503eaf72995d1239028b99

git.kernel.org/...c/070d5ea4a0592a37ad96ce7f7b6b024f90bb009f

git.kernel.org/...c/280110db1a7d62ad635b103bafc3ae96e8bef75c

git.kernel.org/...c/89eecabe6a47403237f45aafd7d24f93cb973653

git.kernel.org/...c/f06e0cd01eab954bd5f2190c9faa79bb5357e05b

git.kernel.org/...c/7692700ac818866d138a8de555130a6e70e6ac16

git.kernel.org/...c/ae6c8b6e5d5628df1c475c0a8fca1465e205c95b

git.kernel.org/...c/a89ff5f5cc64b9fe7a992cf56988fd36f56ca82a

cve.org (CVE-2022-49010)

nvd.nist.gov (CVE-2022-49010)

Download JSON

Share this page
https://cve.threatint.com/CVE/CVE-2022-49010

Support options

Helpdesk Chat, Email, Knowledgebase
Telegram Chat
Subscribe to our newsletter to learn more about our work.