{
  "threat_severity" : "Moderate",
  "public_date" : "2024-05-03T00:00:00Z",
  "bugzilla" : {
    "description" : "kernel: thermal/int340x_thermal: handle data_vault when the value is ZERO_SIZE_PTR",
    "id" : "2278960",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2278960"
  },
  "cvss3" : {
    "cvss3_base_score" : "5.5",
    "cvss3_scoring_vector" : "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
    "status" : "verified"
  },
  "details" : [ "In the Linux kernel, the following vulnerability has been resolved:\nthermal/int340x_thermal: handle data_vault when the value is ZERO_SIZE_PTR\nIn some case, the GDDV returns a package with a buffer which has\nzero length. It causes that kmemdup() returns ZERO_SIZE_PTR (0x10).\nThen the data_vault_read() got NULL point dereference problem when\naccessing the 0x10 value in data_vault.\n[   71.024560] BUG: kernel NULL pointer dereference, address:\n0000000000000010\nThis patch uses ZERO_OR_NULL_PTR() for checking ZERO_SIZE_PTR or\nNULL value in data_vault.", "A flaw was found in the Linux kernel in the `thermal/int340x_thermal` driver. This issue occurs when the Global Device Data Vault (GDDV) returns a zero-length buffer, causing the `kmemdup()` function to return a `ZERO_SIZE_PTR` (0x10), leading to a NULL pointer dereference in `data_vault_read()`, potentially causing a kernel crash. The issue has been fixed by adding checks for `ZERO_SIZE_PTR` or `NULL` using the `ZERO_OR_NULL_PTR()` macro." ],
  "affected_release" : [ {
    "product_name" : "Red Hat Enterprise Linux 9",
    "release_date" : "2024-11-12T00:00:00Z",
    "advisory" : "RHSA-2024:9315",
    "cpe" : "cpe:/a:redhat:enterprise_linux:9",
    "package" : "kernel-0:5.14.0-503.11.1.el9_5"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "release_date" : "2024-11-12T00:00:00Z",
    "advisory" : "RHSA-2024:9315",
    "cpe" : "cpe:/o:redhat:enterprise_linux:9",
    "package" : "kernel-0:5.14.0-503.11.1.el9_5"
  } ],
  "package_state" : [ {
    "product_name" : "Red Hat Enterprise Linux 6",
    "fix_state" : "Not affected",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:6"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "fix_state" : "Not affected",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "fix_state" : "Not affected",
    "package_name" : "kernel-rt",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "fix_state" : "Will not fix",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:8"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "fix_state" : "Will not fix",
    "package_name" : "kernel-rt",
    "cpe" : "cpe:/o:redhat:enterprise_linux:8"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "fix_state" : "Affected",
    "package_name" : "kernel-rt",
    "cpe" : "cpe:/o:redhat:enterprise_linux:9"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2022-48703\nhttps://nvd.nist.gov/vuln/detail/CVE-2022-48703\nhttps://lore.kernel.org/linux-cve-announce/2024050351-CVE-2022-48703-3099@gregkh/T" ],
  "name" : "CVE-2022-48703",
  "mitigation" : {
    "value" : "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
    "lang" : "en:us"
  },
  "csaw" : false
}