VDB
CISA-2022-48703
CISA-2022-48703
PUBLISHED
Reported by Linux · Published May 3, 2024
In the Linux kernel, the following vulnerability has been resolved: thermal/int340x_thermal: handle data_vault when the value is ZERO_SIZE_PTR In some case, the GDDV returns a package with a buffer which has zero length. It causes that kmemdup() returns ZERO_SIZE_PTR (0x10). Then the data_vault_read() got NULL point dereference problem when accessing the 0x10 value in data_vault. [ 71.024560] BUG: kernel NULL pointer dereference, address: 0000000000000010 This patch uses ZERO_OR_NULL_PTR() for checking ZERO_SIZE_PTR or NULL value in data_vault.
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux | 0ba13c763aacb27ab32bde5d559bf40e88465921, 0ba13c763aacb27ab32bde5d559bf40e88465921, 0ba13c763aacb27ab32bde5d559bf40e88465921 |
| Linux | Linux | 5.8, 0, 5.15.189 |
| Linux | Linux | 5.15.189, 0, 5.19.9 |
| linux | linux_kernel | 5.8, 5.8, 5.8 |
Timeline
- May 3, 2024 CVE Published
- Jul 17, 2025 CVE Updated