CVE-2022-49472

Опубликовано: 26 фев. 2025

Источник: redhat

CVSS3: 5.5

EPSS Низкий

Описание

In the Linux kernel, the following vulnerability has been resolved: net: phy: micrel: Allow probing without .driver_data Currently, if the .probe element is present in the phy_driver structure and the .driver_data is not, a NULL pointer dereference happens. Allow passing .probe without .driver_data by inserting NULL checks for priv->type.

Затронутые пакеты

Платформа	Пакет	Состояние
Red Hat Enterprise Linux 10	kernel	Not affected
Red Hat Enterprise Linux 6	kernel	Not affected
Red Hat Enterprise Linux 7	kernel	Out of support scope
Red Hat Enterprise Linux 7	kernel-rt	Out of support scope
Red Hat Enterprise Linux 8	kernel	Out of support scope
Red Hat Enterprise Linux 8	kernel-rt	Out of support scope
Red Hat Enterprise Linux 9	kernel	Fix deferred
Red Hat Enterprise Linux 9	kernel-rt	Fix deferred

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate

Дефект:

CWE-476

https://bugzilla.redhat.com/show_bug.cgi?id=2347978kernel: net: phy: micrel: Allow probing without .driver_data

EPSS

Процентиль: 8%

0.00028

Низкий

5.5 Medium

CVSS3

Связанные уязвимости

CVE-2022-49472

CVSS3: 5.5

ubuntu

12 месяцев назад

CVE-2022-49472

CVSS3: 5.5

nvd

12 месяцев назад

CVE-2022-49472

CVSS3: 5.5

debian

12 месяцев назад

In the Linux kernel, the following vulnerability has been resolved: n ...

GHSA-r33j-vf7v-cq2v

CVSS3: 5.5

github

11 месяцев назад

SUSE-SU-2025:1293-1

suse-cvrf

10 месяцев назад

Security update for the Linux Kernel

EPSS

Процентиль: 8%

0.00028

Низкий

5.5 Medium

CVSS3