{ "threat_severity" : "Moderate", "public_date" : "2025-02-26T00:00:00Z", "bugzilla" : { "description" : "kernel: gpio: Restrict usage of GPIO chip irq members before initialization", "id" : "2348209", "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2348209" }, "cvss3" : { "cvss3_base_score" : "5.5", "cvss3_scoring_vector" : "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "status" : "verified" }, "cwe" : "CWE-476", "details" : [ "In the Linux kernel, the following vulnerability has been resolved:\ngpio: Restrict usage of GPIO chip irq members before initialization\nGPIO chip irq members are exposed before they could be completely\ninitialized and this leads to race conditions.\nOne such issue was observed for the gc->irq.domain variable which\nwas accessed through the I2C interface in gpiochip_to_irq() before\nit could be initialized by gpiochip_add_irqchip(). This resulted in\nKernel NULL pointer dereference.\nFollowing are the logs for reference :-\nkernel: Call Trace:\nkernel: gpiod_to_irq+0x53/0x70\nkernel: acpi_dev_gpio_irq_get_by+0x113/0x1f0\nkernel: i2c_acpi_get_irq+0xc0/0xd0\nkernel: i2c_device_probe+0x28a/0x2a0\nkernel: really_probe+0xf2/0x460\nkernel: RIP: 0010:gpiochip_to_irq+0x47/0xc0\nTo avoid such scenarios, restrict usage of GPIO chip irq members before\nthey are completely initialized.", "A flaw was found in the GPIO support in the Linux kernel. The GPIO chip IRQ members are exposed before they are completely initialized, potentially causing a NULL pointer dereference, resulting in a system crash and a denial of service." ], "statement" : "This issue has been fixed in Red Hat Enterprise Linux 9.2 via RHSA-2023:2458 [1].\n[1]. https://access.redhat.com/errata/RHSA-2023:2458", "affected_release" : [ { "product_name" : "Red Hat Enterprise Linux 9", "release_date" : "2023-05-09T00:00:00Z", "advisory" : "RHSA-2023:2458", "cpe" : "cpe:/a:redhat:enterprise_linux:9", "package" : "kernel-0:5.14.0-284.11.1.el9_2" }, { "product_name" : "Red Hat Enterprise Linux 9", "release_date" : "2023-05-09T00:00:00Z", "advisory" : "RHSA-2023:2458", "cpe" : "cpe:/o:redhat:enterprise_linux:9", "package" : "kernel-0:5.14.0-284.11.1.el9_2" } ], "package_state" : [ { "product_name" : "Red Hat Enterprise Linux 10", "fix_state" : "Not affected", "package_name" : "kernel", "cpe" : "cpe:/o:redhat:enterprise_linux:10" }, { "product_name" : "Red Hat Enterprise Linux 6", "fix_state" : "Out of support scope", "package_name" : "kernel", "cpe" : "cpe:/o:redhat:enterprise_linux:6" }, { "product_name" : "Red Hat Enterprise Linux 7", "fix_state" : "Out of support scope", "package_name" : "kernel", "cpe" : "cpe:/o:redhat:enterprise_linux:7" }, { "product_name" : "Red Hat Enterprise Linux 7", "fix_state" : "Out of support scope", "package_name" : "kernel-rt", "cpe" : "cpe:/o:redhat:enterprise_linux:7" }, { "product_name" : "Red Hat Enterprise Linux 8", "fix_state" : "Out of support scope", "package_name" : "kernel", "cpe" : "cpe:/o:redhat:enterprise_linux:8" }, { "product_name" : "Red Hat Enterprise Linux 8", "fix_state" : "Out of support scope", "package_name" : "kernel-rt", "cpe" : "cpe:/o:redhat:enterprise_linux:8" }, { "product_name" : "Red Hat Enterprise Linux 9", "fix_state" : "Fix deferred", "package_name" : "kernel-rt", "cpe" : "cpe:/o:redhat:enterprise_linux:9" } ], "references" : [ "https://www.cve.org/CVERecord?id=CVE-2022-49072\nhttps://nvd.nist.gov/vuln/detail/CVE-2022-49072\nhttps://lore.kernel.org/linux-cve-announce/2025022655-CVE-2022-49072-8479@gregkh/T" ], "name" : "CVE-2022-49072", "mitigation" : { "value" : "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "lang" : "en:us" }, "csaw" : false }