CVE-2022-49825

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2022-49825
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-49825.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2022-49825
Downstream
Related
Published
2025-05-01T14:09:45.524Z
Modified
2026-05-15T11:53:38.622402925Z
Summary
ata: libata-transport: fix error handling in ata_tport_add()
Details

In the Linux kernel, the following vulnerability has been resolved:

ata: libata-transport: fix error handling in atatportadd()

In atatportadd(), the return value of transportadddevice() is not checked. As a result, it causes null-ptr-deref while removing the module, because transportremovedevice() is called to remove the device that was not added.

Unable to handle kernel NULL pointer dereference at virtual address 00000000000000d0 CPU: 12 PID: 13605 Comm: rmmod Kdump: loaded Tainted: G W 6.1.0-rc3+ #8 pstate: 60400009 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : devicedel+0x48/0x39c lr : devicedel+0x44/0x39c Call trace: devicedel+0x48/0x39c attributecontainerclassdevicedel+0x28/0x40 transportremoveclassdev+0x60/0x7c attributecontainerdevicetrigger+0x118/0x120 transportremovedevice+0x20/0x30 atatportdelete+0x34/0x60 [libata] ataportdetach+0x148/0x1b0 [libata] atapciremoveone+0x50/0x80 [libata] ahciremove_one+0x4c/0x8c [ahci]

Fix this by checking and handling return value of transportadddevice() in atatportadd().

Database specific 
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/49xxx/CVE-2022-49825.json",
    "cna_assigner": "Linux"
}
References

Affected packages

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
2.6.37
Fixed
5.10.156
Type
ECOSYSTEM
Events
Introduced
5.11.0
Fixed
5.15.80
Type
ECOSYSTEM
Events
Introduced
5.16.0
Fixed
6.0.10

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-49825.json"