{ "threat_severity" : "Moderate", "public_date" : "2025-02-26T00:00:00Z", "bugzilla" : { "description" : "kernel: nvme-pci: fix a NULL pointer dereference in nvme_alloc_admin_tags", "id" : "2347913", "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2347913" }, "cvss3" : { "cvss3_base_score" : "5.5", "cvss3_scoring_vector" : "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "status" : "verified" }, "cwe" : "CWE-476", "details" : [ "In the Linux kernel, the following vulnerability has been resolved:\nnvme-pci: fix a NULL pointer dereference in nvme_alloc_admin_tags\nIn nvme_alloc_admin_tags, the admin_q can be set to an error (typically\n-ENOMEM) if the blk_mq_init_queue call fails to set up the queue, which\nis checked immediately after the call. However, when we return the error\nmessage up the stack, to nvme_reset_work the error takes us to\nnvme_remove_dead_ctrl()\nnvme_dev_disable()\nnvme_suspend_queue(&dev->queues[0]).\nHere, we only check that the admin_q is non-NULL, rather than not\nan error or NULL, and begin quiescing a queue that never existed, leading\nto bad / NULL pointer dereference.", "A flaw was found in the nvme module in the Linux kernel. A NULL pointer dereference can be triggered due to improper error management when the blk_mq_init_queue function fails to set up the queue, resulting in a denial of service." ], "statement" : "This issue has been fixed in Red Hat Enterprise Linux 8.9 and 9.2 via RHSA-2023:7077 [1] and RHSA-2023:2458 [2], respectively.\n[1]. https://access.redhat.com/errata/RHSA-2023:7077\n[2]. https://access.redhat.com/errata/RHSA-2023:2458", "affected_release" : [ { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2023-11-14T00:00:00Z", "advisory" : "RHSA-2023:7077", "cpe" : "cpe:/o:redhat:enterprise_linux:8", "package" : "kernel-0:4.18.0-513.5.1.el8_9" }, { "product_name" : "Red Hat Enterprise Linux 9", "release_date" : "2023-05-09T00:00:00Z", "advisory" : "RHSA-2023:2458", "cpe" : "cpe:/a:redhat:enterprise_linux:9", "package" : "kernel-0:5.14.0-284.11.1.el9_2" }, { "product_name" : "Red Hat Enterprise Linux 9", "release_date" : "2023-05-09T00:00:00Z", "advisory" : "RHSA-2023:2458", "cpe" : "cpe:/o:redhat:enterprise_linux:9", "package" : "kernel-0:5.14.0-284.11.1.el9_2" } ], "package_state" : [ { "product_name" : "Red Hat Enterprise Linux 10", "fix_state" : "Not affected", "package_name" : "kernel", "cpe" : "cpe:/o:redhat:enterprise_linux:10" }, { "product_name" : "Red Hat Enterprise Linux 6", "fix_state" : "Out of support scope", "package_name" : "kernel", "cpe" : "cpe:/o:redhat:enterprise_linux:6" }, { "product_name" : "Red Hat Enterprise Linux 7", "fix_state" : "Out of support scope", "package_name" : "kernel", "cpe" : "cpe:/o:redhat:enterprise_linux:7" }, { "product_name" : "Red Hat Enterprise Linux 7", "fix_state" : "Out of support scope", "package_name" : "kernel-rt", "cpe" : "cpe:/o:redhat:enterprise_linux:7" }, { "product_name" : "Red Hat Enterprise Linux 8", "fix_state" : "Affected", "package_name" : "kernel-rt", "cpe" : "cpe:/o:redhat:enterprise_linux:8" }, { "product_name" : "Red Hat Enterprise Linux 9", "fix_state" : "Affected", "package_name" : "kernel-rt", "cpe" : "cpe:/o:redhat:enterprise_linux:9" } ], "references" : [ "https://www.cve.org/CVERecord?id=CVE-2022-49492\nhttps://nvd.nist.gov/vuln/detail/CVE-2022-49492\nhttps://lore.kernel.org/linux-cve-announce/2025022606-CVE-2022-49492-6a2d@gregkh/T" ], "name" : "CVE-2022-49492", "mitigation" : { "value" : "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "lang" : "en:us" }, "csaw" : false }