CVE-2022-49308
- Source
- https://cve.org/CVERecord?id=CVE-2022-49308
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-49308.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2022-49308
- Downstream
- Related
- Published
- 2025-02-26T02:10:39.648Z
- Modified
- 2026-04-11T12:43:51.912621Z
- Summary
- extcon: Modify extcon device to be created after driver data is set
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
extcon: Modify extcon device to be created after driver data is set
Currently, someone can invoke the sysfs such as stateshow() intermittently before devset_drvdata() is done. And it can be a cause of kernel Oops because of edev is Null at that time. So modified the driver registration to after setting drviver data.
- Oops's backtrace.
Backtrace: [<c067865c>] (stateshow) from [<c05222e8>] (devattrshow) [<c05222c0>] (devattrshow) from [<c02c66e0>] (sysfskfseqshow) [<c02c6648>] (sysfskfseqshow) from [<c02c496c>] (kernfsseqshow) [<c02c4938>] (kernfsseqshow) from [<c025e2a0>] (seqread) [<c025e11c>] (seqread) from [<c02c50a0>] (kernfsfopread) [<c02c5064>] (kernfsfop_read) from [<c0231cac>] (__vfs_read) [<c0231c5c>] (__vfsread) from [<c0231ee0>] (vfsread) [<c0231e34>] (vfsread) from [<c0232464>] (ksysread) [<c02323f0>] (ksysread) from [<c02324fc>] (sysread) [<c02324e4>] (sys_read) from [<c00091d0>] (__systracereturn)
- Database specific
{ "cna_assigner": "Linux", "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/49xxx/CVE-2022-49308.json" }- References
-
- https://git.kernel.org/stable/c/033ec4e7e59ae5e1ef1e8c10bc6552926044ed1c
- https://git.kernel.org/stable/c/35ff1ac55d301efb3f467cf5426faaeb3452994b
- https://git.kernel.org/stable/c/368e68ad6da4317fc4170e8d92b51c13d1bfe7a7
- https://git.kernel.org/stable/c/5dcc2afe716d69f5112ce035cb14f007461ff189
- https://git.kernel.org/stable/c/6e721f3ad0535b24f19a62420f4da95212cf069c
- https://git.kernel.org/stable/c/abf3b222614f49f98e606fccdd269161c0d70204
- https://git.kernel.org/stable/c/cb81ea998c461868d1168411a867d8ffee12f23f
- https://git.kernel.org/stable/c/d472c78cc82999d07bd09193a6718016ce9cd386
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/49xxx/CVE-2022-49308.json
- https://nvd.nist.gov/vuln/detail/CVE-2022-49308
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introducedde55d8716ac50a356cea736c29bb7db5ac3d0190Fixed6e721f3ad0535b24f19a62420f4da95212cf069cFixedcb81ea998c461868d1168411a867d8ffee12f23fFixedd472c78cc82999d07bd09193a6718016ce9cd386Fixedabf3b222614f49f98e606fccdd269161c0d70204Fixed368e68ad6da4317fc4170e8d92b51c13d1bfe7a7Fixed35ff1ac55d301efb3f467cf5426faaeb3452994bFixed033ec4e7e59ae5e1ef1e8c10bc6552926044ed1cFixed5dcc2afe716d69f5112ce035cb14f007461ff189
Linux / Kernel
Package
- Name
- Kernel
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced3.5.0Fixed4.14.283
- Type
- ECOSYSTEM
- Events
-
Introduced4.15.0Fixed4.19.247
- Type
- ECOSYSTEM
- Events
-
Introduced4.20.0Fixed5.4.198
- Type
- ECOSYSTEM
- Events
-
Introduced5.5.0Fixed5.10.122
- Type
- ECOSYSTEM
- Events
-
Introduced5.11.0Fixed5.15.47
- Type
- ECOSYSTEM
- Events
-
Introduced5.16.0Fixed5.17.15
- Type
- ECOSYSTEM
- Events
-
Introduced5.18.0Fixed5.18.4