CVE-2022-49832

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2022-49832
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-49832.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2022-49832
Downstream
Related
Published
2025-05-01T14:09:50.435Z
Modified
2026-05-15T11:54:33.656339849Z
Summary
pinctrl: devicetree: fix null pointer dereferencing in pinctrl_dt_to_map
Details

In the Linux kernel, the following vulnerability has been resolved:

pinctrl: devicetree: fix null pointer dereferencing in pinctrldtto_map

Here is the BUG report by KASAN about null pointer dereference:

BUG: KASAN: null-ptr-deref in strcmp+0x2e/0x50 Read of size 1 at addr 0000000000000000 by task python3/2640 Call Trace: strcmp _offindproperty offindproperty pinctrldttomap

kasprintf() would return NULL pointer when kmalloc() fail to allocate. So directly return ENOMEM, if kasprintf() return NULL pointer.

Database specific 
{
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/49xxx/CVE-2022-49832.json"
}
References

Affected packages

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
3.5.0
Fixed
4.9.334
Type
ECOSYSTEM
Events
Introduced
4.10.0
Fixed
4.14.300
Type
ECOSYSTEM
Events
Introduced
4.15.0
Fixed
4.19.267
Type
ECOSYSTEM
Events
Introduced
4.20.0
Fixed
5.4.225
Type
ECOSYSTEM
Events
Introduced
5.5.0
Fixed
5.10.156
Type
ECOSYSTEM
Events
Introduced
5.11.0
Fixed
5.15.80
Type
ECOSYSTEM
Events
Introduced
5.16.0
Fixed
6.0.10

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-49832.json"