Vulnerabilities > CVE-2022-3110 - NULL Pointer Dereference vulnerability in Linux Kernel 5.16.0

CVSS 5.5 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

local

low complexity

linux

CWE-476

NVD

Published: 2022-12-14

Updated: 2022-12-16

Summary

An issue was discovered in the Linux kernel through 5.16-rc6. _rtw_init_xmit_priv in drivers/staging/r8188eu/core/rtw_xmit.c lacks check of the return value of rtw_alloc_hwxmits() and will cause the null pointer dereference.

Vulnerable Configurations

Part	Description	Count
OS	Linux Linux Linux Kernel 5.16.0	7

Common Weakness Enumeration (CWE)

CWE-476 - NULL Pointer Dereference

References

https://bugzilla.redhat.com/show_bug.cgi?id=2153055
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?h=v5.19-rc2&id=f94b47c6bde624d6c07f43054087607c52054a95