CVE-2022-48952

Current driver is missing a sentinel in the struct socdeviceattribute array, which causes an oops when assessed by the socdevicematch(mt7621pciequirks_match) call.

This was only exposed once the CONFIGSOCMT7621 mt7621 socdevattr was fixed to register the SOC as a device, in:

commit 7c18b64bba3b ("mips: ralink: mt7621: do not use kzalloc too early")

Fix it by adding the required sentinel.

Database specific

{
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/48xxx/CVE-2022-48952.json"
}

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

b483b4e4d3f6bfd5089b9e6dc9ba259879c6ce6f

Fixed

3e9c395ef2d52975b2c2894d2da09d6db2958bc6

Fixed

cb7323ece786f243f6d6ccf2e5b2b27b736bdc04

Fixed

a4997bae1b5b012c8a6e2643e26578a7bc2cae36

Fixed

19098934f910b4d47cb30251dd39ffa57bef9523

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

21fd877300b01d25c5807c327848fdc7c813cf0e

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-48952.json"

Linux / Kernel

Package

Name: Kernel

Affected ranges

Type: ECOSYSTEM
Events: Introduced

5.5.0

Fixed

5.15.86

Type: ECOSYSTEM
Events: Introduced

5.16.0

Fixed

6.0.15

Type: ECOSYSTEM
Events: Introduced

6.1.0

Fixed

6.1.1

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-48952.json"