CVE-2022-49083
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2022-49083
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-49083.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2022-49083
- Downstream
- Related
- Published
- 2025-02-26T07:00:45Z
- Modified
- 2025-08-09T20:01:27Z
- Summary
- [none]
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
iommu/omap: Fix regression in probe for NULL pointer dereference
Commit 3f6634d997db ("iommu: Use right way to retrieve iommu_ops") started triggering a NULL pointer dereference for some omap variants:
_iommuprobedevice from probeiommugroup+0x2c/0x38 probeiommugroup from busforeachdev+0x74/0xbc busforeachdev from busiommuprobe+0x34/0x2e8 busiommuprobe from bussetiommu+0x80/0xc8 bussetiommu from omapiommuinit+0x88/0xcc omapiommuinit from doone_initcall+0x44/0x24
This is caused by omap iommu probe returning 0 instead of ERR_PTR(-ENODEV) as noted by Jason Gunthorpe jgg@ziepe.ca.
Looks like the regression already happened with an earlier commit 6785eb9105e3 ("iommu/omap: Convert to probe/release_device() call-backs") that changed the function return type and missed converting one place.
- References
-
- https://git.kernel.org/stable/c/1d89f2b9eadbcf3ce93c6d7238f68299a1f84968
- https://git.kernel.org/stable/c/47e239117bd97c8556f9187af7a9a7938db4e021
- https://git.kernel.org/stable/c/71ff461c3f41f6465434b9e980c01782763e7ad8
- https://git.kernel.org/stable/c/bd905fed87ce01ac010011bb8f44ed0140116ceb
- https://git.kernel.org/stable/c/ea518578aa8a9a0280605b53cc33f707e10c8178