CVE-2022-49487

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2022-49487
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-49487.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2022-49487
Downstream
Related
Published
2025-02-26T02:13:25Z
Modified
2025-10-15T21:56:53.598364Z
Severity
  • 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
mtd: rawnand: intel: fix possible null-ptr-deref in ebu_nand_probe()
Details

In the Linux kernel, the following vulnerability has been resolved:

mtd: rawnand: intel: fix possible null-ptr-deref in ebunandprobe()

It will cause null-ptr-deref when using 'res', if platformgetresource() returns NULL, so move using 'res' after devmioremapresource() that will check it to avoid null-ptr-deref.

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
0b1039f016e8a37c779a4aee362cb2100ebb1cfd
Fixed
e5b1e419cdb6dd8709eb05ed34039a3ded8e6003
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
0b1039f016e8a37c779a4aee362cb2100ebb1cfd
Fixed
daa5166450b447415aeeaac0199e445bae7bd0f2
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
0b1039f016e8a37c779a4aee362cb2100ebb1cfd
Fixed
f8e262eb7575a4a2412f30f7a1b293875aceba80
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
0b1039f016e8a37c779a4aee362cb2100ebb1cfd
Fixed
ddf66aefd685fd46500b9917333e1b1e118276dc

Affected versions

v5.*

v5.10
v5.10-rc7
v5.11
v5.11-rc1
v5.11-rc2
v5.11-rc3
v5.11-rc4
v5.11-rc5
v5.11-rc6
v5.11-rc7
v5.12
v5.12-rc1
v5.12-rc1-dontuse
v5.12-rc2
v5.12-rc3
v5.12-rc4
v5.12-rc5
v5.12-rc6
v5.12-rc7
v5.12-rc8
v5.13
v5.13-rc1
v5.13-rc2
v5.13-rc3
v5.13-rc4
v5.13-rc5
v5.13-rc6
v5.13-rc7
v5.14
v5.14-rc1
v5.14-rc2
v5.14-rc3
v5.14-rc4
v5.14-rc5
v5.14-rc6
v5.14-rc7
v5.15
v5.15-rc1
v5.15-rc2
v5.15-rc3
v5.15-rc4
v5.15-rc5
v5.15-rc6
v5.15-rc7
v5.15.1
v5.15.10
v5.15.11
v5.15.12
v5.15.13
v5.15.14
v5.15.15
v5.15.16
v5.15.17
v5.15.18
v5.15.19
v5.15.2
v5.15.20
v5.15.21
v5.15.22
v5.15.23
v5.15.24
v5.15.25
v5.15.26
v5.15.27
v5.15.28
v5.15.29
v5.15.3
v5.15.30
v5.15.31
v5.15.32
v5.15.33
v5.15.34
v5.15.35
v5.15.36
v5.15.37
v5.15.38
v5.15.39
v5.15.4
v5.15.40
v5.15.41
v5.15.42
v5.15.43
v5.15.44
v5.15.45
v5.15.5
v5.15.6
v5.15.7
v5.15.8
v5.15.9
v5.16
v5.16-rc1
v5.16-rc2
v5.16-rc3
v5.16-rc4
v5.16-rc5
v5.16-rc6
v5.16-rc7
v5.16-rc8
v5.17
v5.17-rc1
v5.17-rc2
v5.17-rc3
v5.17-rc4
v5.17-rc5
v5.17-rc6
v5.17-rc7
v5.17-rc8
v5.17.1
v5.17.10
v5.17.11
v5.17.12
v5.17.13
v5.17.2
v5.17.3
v5.17.4
v5.17.5
v5.17.6
v5.17.7
v5.17.8
v5.17.9
v5.18
v5.18-rc1
v5.18-rc2
v5.18-rc3
v5.18-rc4
v5.18-rc5
v5.18-rc6
v5.18-rc7
v5.18.1
v5.18.2

Database specific

vanir_signatures

[
    {
        "deprecated": false,
        "target": {
            "function": "ebu_nand_probe",
            "file": "drivers/mtd/nand/raw/intel-nand-controller.c"
        },
        "signature_type": "Function",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@f8e262eb7575a4a2412f30f7a1b293875aceba80",
        "digest": {
            "function_hash": "40613365465548462557104243867603903120",
            "length": 3026.0
        },
        "id": "CVE-2022-49487-0ebd4c02",
        "signature_version": "v1"
    },
    {
        "deprecated": false,
        "target": {
            "function": "ebu_nand_probe",
            "file": "drivers/mtd/nand/raw/intel-nand-controller.c"
        },
        "signature_type": "Function",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@e5b1e419cdb6dd8709eb05ed34039a3ded8e6003",
        "digest": {
            "function_hash": "40613365465548462557104243867603903120",
            "length": 3026.0
        },
        "id": "CVE-2022-49487-39f7e376",
        "signature_version": "v1"
    },
    {
        "deprecated": false,
        "target": {
            "file": "drivers/mtd/nand/raw/intel-nand-controller.c"
        },
        "signature_type": "Line",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@e5b1e419cdb6dd8709eb05ed34039a3ded8e6003",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "14998794454608152297486099064210310011",
                "15179322491443428624891351920376609458",
                "176276037224968616468980445989148818326",
                "266834349631591144355562954675914701831",
                "251281123019977877157385374228694756196",
                "140727775911582159033252768494975775609"
            ]
        },
        "id": "CVE-2022-49487-3ebdf184",
        "signature_version": "v1"
    },
    {
        "deprecated": false,
        "target": {
            "file": "drivers/mtd/nand/raw/intel-nand-controller.c"
        },
        "signature_type": "Line",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@ddf66aefd685fd46500b9917333e1b1e118276dc",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "14998794454608152297486099064210310011",
                "15179322491443428624891351920376609458",
                "176276037224968616468980445989148818326",
                "266834349631591144355562954675914701831",
                "251281123019977877157385374228694756196",
                "140727775911582159033252768494975775609"
            ]
        },
        "id": "CVE-2022-49487-40a790e8",
        "signature_version": "v1"
    },
    {
        "deprecated": false,
        "target": {
            "function": "ebu_nand_probe",
            "file": "drivers/mtd/nand/raw/intel-nand-controller.c"
        },
        "signature_type": "Function",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@ddf66aefd685fd46500b9917333e1b1e118276dc",
        "digest": {
            "function_hash": "40613365465548462557104243867603903120",
            "length": 3026.0
        },
        "id": "CVE-2022-49487-697641f0",
        "signature_version": "v1"
    },
    {
        "deprecated": false,
        "target": {
            "file": "drivers/mtd/nand/raw/intel-nand-controller.c"
        },
        "signature_type": "Line",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@daa5166450b447415aeeaac0199e445bae7bd0f2",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "14998794454608152297486099064210310011",
                "15179322491443428624891351920376609458",
                "176276037224968616468980445989148818326",
                "266834349631591144355562954675914701831",
                "251281123019977877157385374228694756196",
                "140727775911582159033252768494975775609"
            ]
        },
        "id": "CVE-2022-49487-b63af550",
        "signature_version": "v1"
    },
    {
        "deprecated": false,
        "target": {
            "file": "drivers/mtd/nand/raw/intel-nand-controller.c"
        },
        "signature_type": "Line",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@f8e262eb7575a4a2412f30f7a1b293875aceba80",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "14998794454608152297486099064210310011",
                "15179322491443428624891351920376609458",
                "176276037224968616468980445989148818326",
                "266834349631591144355562954675914701831",
                "251281123019977877157385374228694756196",
                "140727775911582159033252768494975775609"
            ]
        },
        "id": "CVE-2022-49487-d09d4a2f",
        "signature_version": "v1"
    },
    {
        "deprecated": false,
        "target": {
            "function": "ebu_nand_probe",
            "file": "drivers/mtd/nand/raw/intel-nand-controller.c"
        },
        "signature_type": "Function",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@daa5166450b447415aeeaac0199e445bae7bd0f2",
        "digest": {
            "function_hash": "40613365465548462557104243867603903120",
            "length": 3026.0
        },
        "id": "CVE-2022-49487-e63fc1c9",
        "signature_version": "v1"
    }
]

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
5.11.0
Fixed
5.15.46
Type
ECOSYSTEM
Events
Introduced
5.16.0
Fixed
5.17.14
Type
ECOSYSTEM
Events
Introduced
5.18.0
Fixed
5.18.3