Lucene search

416baaa9-dc9f-4396-8d5f-8c081fb06d67NVD:CVE-2022-48879

HistoryAug 21, 2024 - 7:15 a.m.

CVE-2022-48879

2024-08-2107:15:04

CWE-476

416baaa9-dc9f-4396-8d5f-8c081fb06d67

web.nvd.nist.gov

linux kernel

efi

vulnerability

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

EPSS

Percentile

5.1%

JSON

In the Linux kernel, the following vulnerability has been resolved:

efi: fix NULL-deref in init error path

In cases where runtime services are not supported or have been disabled,
the runtime services workqueue will never have been allocated.

Do not try to destroy the workqueue unconditionally in the unlikely
event that EFI initialisation fails to avoid dereferencing a NULL
pointer.

Affected configurations

Nvd

Node

linuxlinux_kernelRange4.19.142–4.19.270

linuxlinux_kernelRange5.4.61–5.4.229

linuxlinux_kernelRange5.9–5.10.164

linuxlinux_kernelRange5.11–5.15.89

linuxlinux_kernelRange5.16–6.1.7

References

git.kernel.org/stable/c/4ca71bc0e1995d15486cd7b60845602a28399cb5

git.kernel.org/stable/c/585a0b2b3ae7903c6abee3087d09c69e955a7794

git.kernel.org/stable/c/5fcf75a8a4c3e7ee9122d143684083c9faf20452

git.kernel.org/stable/c/703c13fe3c9af557d312f5895ed6a5fda2711104

git.kernel.org/stable/c/adc96d30f6503d30dc68670c013716f1d9fcc747

git.kernel.org/stable/c/e2ea55564229e4bea1474af15b111b3a3043b76f

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

EPSS

Percentile

5.1%

JSON

Related for NVD:CVE-2022-48879