Vulnerabilities > CVE-2022-49569 - NULL Pointer Dereference vulnerability in Linux Kernel
Attack vector
LOCAL Attack complexity
LOW Privileges required
LOW Confidentiality impact
NONE Integrity impact
NONE Availability impact
HIGH Summary
In the Linux kernel, the following vulnerability has been resolved: spi: bcm2835: bcm2835_spi_handle_err(): fix NULL pointer deref for non DMA transfers In case a IRQ based transfer times out the bcm2835_spi_handle_err() function is called. Since commit 1513ceee70f2 ("spi: bcm2835: Drop dma_pending flag") the TX and RX DMA transfers are unconditionally canceled, leading to NULL pointer derefs if ctlr->dma_tx or ctlr->dma_rx are not set. Fix the NULL pointer deref by checking that ctlr->dma_tx and ctlr->dma_rx are valid pointers before accessing them.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
References
- https://git.kernel.org/stable/c/49ffa473218012e765682343de2052eb4c1f06a7
- https://git.kernel.org/stable/c/4ceaa684459d414992acbefb4e4c31f2dfc50641
- https://git.kernel.org/stable/c/58466e05390043d2805685c70f55f3f59711bdf2
- https://git.kernel.org/stable/c/684896e675edd8b669fd3e9f547c5038222d85bc
- https://git.kernel.org/stable/c/76668d2a2f367d25ff448e6d7087406af7d7bb2b