CVE-2022-49974
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2022-49974
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-49974.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2022-49974
- Downstream
- Published
- 2025-06-18T11:00:37Z
- Modified
- 2025-10-16T02:07:54.513763Z
- Summary
- HID: nintendo: fix rumble worker null pointer deref
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
HID: nintendo: fix rumble worker null pointer deref
We can dereference a null pointer trying to queue work to a destroyed workqueue.
If the device is disconnected, nintendohidremove is called, in which the rumblequeue is destroyed. Avoid using that queue to defer rumble work once the controller state is set to JOYCONCTLRSTATEREMOVED.
This eliminates the null pointer dereference.
- References
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced2af16c1f846bd60240745bbd3afa13d5f040c61aFixed7c6e6c334154be16740b44dcd7638fb510b9bd91
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced2af16c1f846bd60240745bbd3afa13d5f040c61aFixed1ff89e06c2e5fab30274e4b02360d4241d6e605e
Affected versions
v5.*
v5.15
v5.15-rc4
v5.15-rc5
v5.15-rc6
v5.15-rc7
v5.16
v5.16-rc1
v5.16-rc2
v5.16-rc3
v5.16-rc4
v5.16-rc5
v5.16-rc6
v5.16-rc7
v5.16-rc8
v5.17
v5.17-rc1
v5.17-rc2
v5.17-rc3
v5.17-rc4
v5.17-rc5
v5.17-rc6
v5.17-rc7
v5.17-rc8
v5.18
v5.18-rc1
v5.18-rc2
v5.18-rc3
v5.18-rc4
v5.18-rc5
v5.18-rc6
v5.18-rc7
v5.19
v5.19-rc1
v5.19-rc2
v5.19-rc3
v5.19-rc4
v5.19-rc5
v5.19-rc6
v5.19-rc7
v5.19-rc8
v5.19.1
v5.19.2
v5.19.3
v5.19.4
v5.19.5
v5.19.6