Lucene search
K

914 matches found

SUSE CVE
SUSE CVE
added 2025/02/27 3:6 a.m.3 views

SUSE CVE-2022-49472

In the Linux kernel, the following vulnerability has been resolved: net: phy: micrel: Allow probing without .driverdata Currently, if the .probe element is present in the phydriver structure and the .driverdata is not, a NULL pointer dereference happens. Allow passing .probe without .driverdata b...

5.5CVSS6.5AI score0.00276EPSS
Exploits0References8
SUSE CVE
SUSE CVE
added 2025/02/27 3:6 a.m.4 views

SUSE CVE-2022-49471

In the Linux kernel, the following vulnerability has been resolved: rtw89: cfo: check macid to avoid out-of-bounds Somehow, hardware reports incorrect macid and pollute memory. Check index before we access the array. UBSAN: array-index-out-of-bounds in rtw89/phy.c:2517:23 index 188 is out of rang...

5.5CVSS6.3AI score0.00258EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2025/02/27 3:5 a.m.3 views

SUSE CVE-2022-49501

In the Linux kernel, the following vulnerability has been resolved: usbnet: Run unregisternetdev before unbind again Commit 2c9d6c2b871d "usbnet: run unbind before unregisternetdev" sought to fix a use-after-free on disconnect of USB Ethernet adapters. It turns out that a different fix is necessa...

5.5CVSS6.5AI score0.00251EPSS
Exploits0References7
SUSE CVE
SUSE CVE
added 2025/02/27 3:2 a.m.3 views

SUSE CVE-2022-49692

In the Linux kernel, the following vulnerability has been resolved: net: phy: at803x: fix NULL pointer dereference on AR9331 PHY Latest kernel will explode on the PHY interrupt config, since it depends now on allocated priv. So, run probe to allocate priv to fix it. ar9331switch ethernet.1:10 lan...

5.5CVSS6.5AI score0.00227EPSS
Exploits0References3
NVD
NVD
added 2025/02/26 7:1 a.m.9 views

CVE-2022-49692

In the Linux kernel, the following vulnerability has been resolved: net: phy: at803x: fix NULL pointer dereference on AR9331 PHY Latest kernel will explode on the PHY interrupt config, since it depends now on allocated priv. So, run probe to allocate priv to fix it. ar9331switch ethernet.1:10 lan...

5.5CVSS0.00227EPSS
Exploits0References2
OSV
OSV
added 2025/02/26 7:1 a.m.3 views

DEBIAN-CVE-2022-49692

In the Linux kernel, the following vulnerability has been resolved: net: phy: at803x: fix NULL pointer dereference on AR9331 PHY Latest kernel will explode on the PHY interrupt config, since it depends now on allocated priv. So, run probe to allocate priv to fix it. ar9331switch ethernet.1:10 lan...

5.5CVSS5.4AI score0.00227EPSS
Exploits0References1
OSV
OSV
added 2025/02/26 7:1 a.m.2 views

DEBIAN-CVE-2022-49471

In the Linux kernel, the following vulnerability has been resolved: rtw89: cfo: check macid to avoid out-of-bounds Somehow, hardware reports incorrect macid and pollute memory. Check index before we access the array. UBSAN: array-index-out-of-bounds in rtw89/phy.c:2517:23 index 188 is out of rang...

7.8CVSS5.3AI score0.00258EPSS
Exploits0References1
OSV
OSV
added 2025/02/26 7:1 a.m.2 views

DEBIAN-CVE-2022-49472

In the Linux kernel, the following vulnerability has been resolved: net: phy: micrel: Allow probing without .driverdata Currently, if the .probe element is present in the phydriver structure and the .driverdata is not, a NULL pointer dereference happens. Allow passing .probe without .driverdata b...

5.5CVSS5.5AI score0.00276EPSS
Exploits0References1
OSV
OSV
added 2025/02/26 7:1 a.m.3 views

DEBIAN-CVE-2022-49396

In the Linux kernel, the following vulnerability has been resolved: phy: qcom-qmp: fix reset-controller leak on probe errors Make sure to release the lane reset controller in case of a late probe error e.g. probe deferral. Note that due to the reset controller being defined in devicetree in "lane...

5.5CVSS5.6AI score0.00253EPSS
Exploits0References1
OSV
OSV
added 2025/02/26 7:1 a.m.1 views

UBUNTU-CVE-2022-49350

In the Linux kernel, the following vulnerability has been resolved: net: mdio: unexport init-annotated mdiobusinit EXPORTSYMBOL and init is a bad combination because the .init.text section is freed up after the initialization. Hence, modules cannot use symbols annotated init. The access to a free...

5.5CVSS6.1AI score0.00276EPSS
Exploits0References11
OSV
OSV
added 2025/02/26 7:1 a.m.1 views

UBUNTU-CVE-2022-49472

In the Linux kernel, the following vulnerability has been resolved: net: phy: micrel: Allow probing without .driverdata Currently, if the .probe element is present in the phydriver structure and the .driverdata is not, a NULL pointer dereference happens. Allow passing .probe without .driverdata b...

5.5CVSS6.2AI score0.00276EPSS
Exploits0References11
OSV
OSV
added 2025/02/26 7:1 a.m.1 views

UBUNTU-CVE-2022-49692

In the Linux kernel, the following vulnerability has been resolved: net: phy: at803x: fix NULL pointer dereference on AR9331 PHY Latest kernel will explode on the PHY interrupt config, since it depends now on allocated priv. So, run probe to allocate priv to fix it. ar9331switch ethernet.1:10 lan...

5.5CVSS5.7AI score0.00227EPSS
Exploits0References5
OSV
OSV
added 2025/02/26 7:0 a.m.3 views

DEBIAN-CVE-2022-49061

In the Linux kernel, the following vulnerability has been resolved: net: ethernet: stmmac: fix altrtsepcs function when using a fixed-link When using a fixed-link, the altrtsepcs driver crashes due to null-pointer dereference as no phydevice is provided to tsepcsfixmacspeed function. Fix this by...

5.5CVSS5.6AI score0.00245EPSS
Exploits0References1
OSV
OSV
added 2025/02/26 7:0 a.m.2 views

UBUNTU-CVE-2022-49061

In the Linux kernel, the following vulnerability has been resolved: net: ethernet: stmmac: fix altrtsepcs function when using a fixed-link When using a fixed-link, the altrtsepcs driver crashes due to null-pointer dereference as no phydevice is provided to tsepcsfixmacspeed function. Fix this by...

5.5CVSS6.2AI score0.00245EPSS
Exploits0References8
CVE
CVE
added 2025/02/26 2:24 a.m.69 views

CVE-2022-49692

The CVE-2022-49692 issue is a Linux kernel fix for the at803x PHY NULL pointer dereference on AR9331 PHY. The vulnerability manifested as kernel paging fault during PHY interrupt handling, traced to AR9331 switch/MDIO initialization and phylink/dsa probe paths. The remedy is in the latest kernel ...

5.5CVSS5.3AI score0.00227EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2025/02/26 2:24 a.m.15 views

CVE-2022-49692 net: phy: at803x: fix NULL pointer dereference on AR9331 PHY

In the Linux kernel, the following vulnerability has been resolved: net: phy: at803x: fix NULL pointer dereference on AR9331 PHY Latest kernel will explode on the PHY interrupt config, since it depends now on allocated priv. So, run probe to allocate priv to fix it. ar9331switch ethernet.1:10 lan...

0.00227EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2025/02/26 2:24 a.m.8 views

CVE-2022-49692

In the Linux kernel, the following vulnerability has been resolved: net: phy: at803x: fix NULL pointer dereference on AR9331 PHY Latest kernel will explode on the PHY interrupt config, since it depends now on allocated priv. So, run probe to allocate priv to fix it. ar9331switch ethernet.1:10 lan...

5.5CVSS5.4AI score0.00227EPSS
Exploits0
OSV
OSV
added 2025/02/26 2:13 a.m.14 views

CVE-2022-49501 usbnet: Run unregister_netdev() before unbind() again

In the Linux kernel, the following vulnerability has been resolved: usbnet: Run unregisternetdev before unbind again Commit 2c9d6c2b871d "usbnet: run unbind before unregisternetdev" sought to fix a use-after-free on disconnect of USB Ethernet adapters. It turns out that a different fix is necessa...

7.8CVSS5.2AI score0.00251EPSS
Exploits0References7
CVE
CVE
added 2025/02/26 2:13 a.m.103 views

CVE-2022-49501

CVE-2022-49501 concerns the Linux kernel USB Ethernet (usbnet) path. The root cause is a use-after-free risk during disconnect caused by non-mirroring binding/unbinding order: usbnet_probe() binds then register_netdev(), whereas disconnect() previously unregisters before unbind(), leading to PHY ...

7.8CVSS6.5AI score0.00251EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2025/02/26 2:13 a.m.98 views

CVE-2022-49472

CVE-2022-49472 affects the Linux kernel PHY Micrel driver: if a .probe is present and .driver_data is missing, a NULL pointer dereference can occur. The fix adds NULL checks for priv->type to allow probing without .driver_data. Connected advisories (Astra/Unity Linux) reference Linux kernel ve...

5.5CVSS5.4AI score0.00276EPSS
Exploits0References8Affected Software1
Rows per page
Query Builder