Vulnerabilities > CVE-2022-48648 - NULL Pointer Dereference vulnerability in Linux Kernel
Attack vector
LOCAL Attack complexity
LOW Privileges required
LOW Confidentiality impact
NONE Integrity impact
NONE Availability impact
HIGH Summary
In the Linux kernel, the following vulnerability has been resolved: sfc: fix null pointer dereference in efx_hard_start_xmit Trying to get the channel from the tx_queue variable here is wrong because we can only be here if tx_queue is NULL, so we shouldn't dereference it. As the above comment in the code says, this is very unlikely to happen, but it's wrong anyway so let's fix it. I hit this issue because of a different bug that caused tx_queue to be NULL. If that happens, this is the error message that we get here: BUG: unable to handle kernel NULL pointer dereference at 0000000000000020 [...] RIP: 0010:efx_hard_start_xmit+0x153/0x170 [sfc]
Vulnerable Configurations
Common Weakness Enumeration (CWE)
References
- https://git.kernel.org/stable/c/0a242eb2913a4aa3d6fbdb86559f27628e9466f3
- https://git.kernel.org/stable/c/0a242eb2913a4aa3d6fbdb86559f27628e9466f3
- https://git.kernel.org/stable/c/8547c7bfc0617e7184e4da65b9b96681fcfe9998
- https://git.kernel.org/stable/c/8547c7bfc0617e7184e4da65b9b96681fcfe9998
- https://git.kernel.org/stable/c/b3b41d4d95d3822b2e459ecbc80d030ea6aec5e7
- https://git.kernel.org/stable/c/b3b41d4d95d3822b2e459ecbc80d030ea6aec5e7
- https://git.kernel.org/stable/c/b3b952168ee1f220ba729fa100fd9d5aa752eb03
- https://git.kernel.org/stable/c/b3b952168ee1f220ba729fa100fd9d5aa752eb03