CVE-2022-49445: pinctrl: renesas: core: Fix possible null-ptr-deref in sh_pfc_map_resources()
First published: Wed Feb 26 2025(Updated: )
In the Linux kernel, the following vulnerability has been resolved: pinctrl: renesas: core: Fix possible null-ptr-deref in sh_pfc_map_resources() It will cause null-ptr-deref when using 'res', if platform_get_resource() returns NULL, so move using 'res' after devm_ioremap_resource() that will check it to avoid null-ptr-deref. And use devm_platform_get_and_ioremap_resource() to simplify code.
Credit: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Linux Kernel | ||
| Linux Kernel | >=4.3<5.10.121 | |
| Linux Kernel | >=5.11<5.15.46 | |
| Linux Kernel | >=5.16<5.17.14 | |
| Linux Kernel | >=5.18<5.18.3 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://git.kernel.org/stable/c/f991879762392c19661af5b722578089a12b305f
- https://git.kernel.org/stable/c/5ed0519d425619b435150372cce2ffeec71581fa
- https://git.kernel.org/stable/c/e3a1ad8fd0ac11f4fa1260c23b5db71a25473254
- https://git.kernel.org/stable/c/fb4f022b3ad1f3ff3cafdbc7d51896090ae17701
- https://git.kernel.org/stable/c/5376e3d904532e657fd7ca1a9b1ff3d351527b90
Frequently Asked Questions
What is the severity of CVE-2022-49445?
CVE-2022-49445 has a high severity rating due to the potential for null pointer dereference in the Linux kernel.
Which versions of the Linux kernel are affected by CVE-2022-49445?
CVE-2022-49445 affects Linux kernel versions from 4.3 up to 5.10.121 and specific ranges within 5.11 to 5.18.3.
How do I fix CVE-2022-49445?
To fix CVE-2022-49445, update your Linux kernel to the latest stable version that has patched this vulnerability.
What components are involved in the CVE-2022-49445 vulnerability?
CVE-2022-49445 involves the pinctrl component within the Renesas platform of the Linux kernel.
Are there any known exploits for CVE-2022-49445?
As of now, there are no widely reported exploits targeting CVE-2022-49445.
- collector/mitre-cve
- source/MITRE
- agent/first-publish-date
- agent/type
- agent/title
- agent/references
- agent/source
- agent/author
- agent/description
- agent/guess-ai
- agent/software-canonical-lookup
- collector/nvd-api
- source/NVD
- agent/remedy
- agent/weakness
- agent/last-modified-date
- agent/severity
- agent/softwarecombine
- agent/tags
- agent/event
- vendor/linux foundation
- canonical/linux kernel
- vendor/linux
- version/linux kernel/4.3
- version/linux kernel/5.11
- version/linux kernel/5.16
- version/linux kernel/5.18