Vulnerabilities > CVE-2022-49453 - NULL Pointer Dereference vulnerability in Linux Kernel
Attack vector
LOCAL Attack complexity
LOW Privileges required
LOW Confidentiality impact
NONE Integrity impact
NONE Availability impact
HIGH Summary
In the Linux kernel, the following vulnerability has been resolved: soc: ti: ti_sci_pm_domains: Check for null return of devm_kcalloc The allocation funciton devm_kcalloc may fail and return a null pointer, which would cause a null-pointer dereference later. It might be better to check it and directly return -ENOMEM just like the usage of devm_kcalloc in previous code.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
References
- https://git.kernel.org/stable/c/01ba41a359622ab256ce4d4f8b94c67165ae3daf
- https://git.kernel.org/stable/c/05efc4591f80582b6fe53366b70b6a35a42fd255
- https://git.kernel.org/stable/c/7cef9274fa1b8506949d74bc45aef072b890824a
- https://git.kernel.org/stable/c/ba56291e297d28aa6eb82c5c1964fae2d7594746
- https://git.kernel.org/stable/c/c4e188869406b47ac3350920bf165be303cb1c96