NULL pointer dereference in Linux kernel nvme host driver



Risk: Low
Patch available: YES
Number of vulnerabilities: 1
CVE-ID: CVE-2022-49492
CWE-ID: CWE-476
Exploitation vector: Local
Public exploit: N/A
Vulnerable software: Linux kernel (Operating systems & Components / Operating system)
Vendor: Linux Foundation

Security Bulletin

This security bulletin contains one low risk vulnerability.

1) NULL pointer dereference

EUVDB-ID: #VU104589

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-49492

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference within the nvme_alloc_admin_tags() function in drivers/nvme/host/pci.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Install the update from the vendor's website.

Vulnerable software versions

Linux kernel: All versions

External links

https://git.kernel.org/stable/c/54a4c1e47d1b2585e74920399455bd9abbfb2bd7
https://git.kernel.org/stable/c/7a28556082d1fbcbc599baf1c24252dfc73efefc
https://git.kernel.org/stable/c/8321b17789f614414206af07e17ce4751c95dc76
https://git.kernel.org/stable/c/8da2b7bdb47e94bbc4062a3978c708926bcb022c
https://git.kernel.org/stable/c/906c81dba8ee8057523859b5e1a2479e9fd34860
https://git.kernel.org/stable/c/9e649471b396fa0139d53919354ce1eace9b9a24
https://git.kernel.org/stable/c/af98940dd33c9f9e1beb4f71c0a39260100e2a65
https://git.kernel.org/stable/c/da42761181627e9bdc37d18368b827948a583929
https://git.kernel.org/stable/c/f76729662650cd7bc8f8194e057af381370349a7


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


