NULL pointer dereference in Linux kernel - CVE-2022-49956
Published: June 19, 2025 / Updated: June 21, 2025
Vulnerability identifier: #VU111514
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2022-49956
CWE-ID: CWE-476
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vendor: Linux Foundation
Affected software:
Linux kernel
Linux kernel
Detailed vulnerability description
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the r871x_internal_cmd_hdl() and cmd_hdl_filter() functions in drivers/staging/rtl8712/rtl8712_cmd.c. A local user can perform a denial of service (DoS) attack.
How to mitigate CVE-2022-49956
Install update from vendor's repository.
Sources
- https://git.kernel.org/stable/c/19e3f69d19801940abc2ac37c169882769ed9770
- https://git.kernel.org/stable/c/376e15487fec837301d888068a3fcc82efb6171a
- https://git.kernel.org/stable/c/7dce6b0ee7d78667d6c831ced957a08769973063
- https://git.kernel.org/stable/c/9fd6170c5e2d0ccd027abe26f6f5ffc528e1bb27
- https://git.kernel.org/stable/c/b1727def850904e4b8ba384043775672841663a1
- https://git.kernel.org/stable/c/d0aac7146e96bf39e79c65087d21dfa02ef8db38
- https://git.kernel.org/stable/c/dc02aaf950015850e7589696521c7fca767cea77
- https://git.kernel.org/stable/c/e230a4455ac3e9b112f0367d1b8e255e141afae0
- https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.293
- https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.258
- https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.328
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.142
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.66
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.19.8
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.213
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.0