Mondoo Vulnerability Intelligence

Curated by Mondoo Research, enhanced with AI

Resources

Search Vulnerabilities
Trending CVEs
Browse Ecosystems
Terminology
Blog

Open Source

cnquery
cnspec

Star us on GitHub!

Company

Mondoo Platform
About
Contact

Vulnerability Intelligence

Customers

Vulnerability IntelligenceCVE-2022-49449

CVE-2022-49449

MEDIUM5.5

pinctrl: renesas: rzn1: Fix possible null-ptr-deref in sh_pfc_map_resources()

Published Feb 26, 2025

Modified 5 months ago

Details

In the Linux kernel, the following vulnerability has been resolved:

pinctrl: renesas: rzn1: Fix possible null-ptr-deref in sh_pfc_map_resources()

It will cause null-ptr-deref when using 'res', if platform_get_resource() returns NULL, so move using 'res' after devm_ioremap_resource() that will check it to avoid null-ptr-deref. And use devm_platform_get_and_ioremap_resource() to simplify code.

References

WEB

https://git.kernel.org/stable/c/01f9e02e0f13df3fd291676dc80054e977be1601

WEB

https://git.kernel.org/stable/c/2f661477c2bb8068194dbba9738d05219f111c6e

WEB

https://git.kernel.org/stable/c/34c719b8fdfbd0c7c54cae56e6b0f16e9f8bf03e

WEB

https://git.kernel.org/stable/c/b646e0cfeb38bf5f1944fd548f1dfa9b129fa00c

WEB

https://git.kernel.org/stable/c/c16b59d445135c8026a04e388d8b2762feaa3b3b

ADVISORY

https://www.cve.org/CVERecord?id=CVE-2022-49449

CVSS Analysis

CVSS v3.1

5.5

Exploitability

Attack Vector

LocalAV:L

Attack Complexity

LowAC:L

Privileges Required

LowPR:L

User Interaction

NoneUI:N

Scope

UnchangedS:U

Impact

Confidentiality

NoneC:N

Integrity

NoneI:N

Availability

HighA:H

5.5/CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Ecosystems

Timeline

PublishedFeb 26, 2025

ModifiedOct 1, 2025

CVE-2022-49449 | Mondoo Vulnerability Intelligence