Description

In the Linux kernel, the following vulnerability has been resolved: spi: bcm2835: bcm2835_spi_handle_err(): fix NULL pointer deref for non DMA transfers In case a IRQ based transfer times out the bcm2835_spi_handle_err() function is called. Since commit 1513ceee70f2 ("spi: bcm2835: Drop dma_pending flag") the TX and RX DMA transfers are unconditionally canceled, leading to NULL pointer derefs if ctlr->dma_tx or ctlr->dma_rx are not set. Fix the NULL pointer deref by checking that ctlr->dma_tx and ctlr->dma_rx are valid pointers before accessing them.

INFO

Published Date :

2025-02-26T02:23:13.209Z

Last Modified :

2025-10-01T19:46:37.670Z

Source :

Linux
AFFECTED PRODUCTS

The following products are affected by CVE-2022-49569 vulnerability.

Vendors Products
Linux
  • Linux Kernel
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2022-49569.

URL Resource
https://git.kernel.org/stable/c/49ffa473218012e765682343de2052eb4c1f06a7 cve-icon cve-icon
https://git.kernel.org/stable/c/4ceaa684459d414992acbefb4e4c31f2dfc50641 cve-icon cve-icon
https://git.kernel.org/stable/c/58466e05390043d2805685c70f55f3f59711bdf2 cve-icon cve-icon
https://git.kernel.org/stable/c/684896e675edd8b669fd3e9f547c5038222d85bc cve-icon cve-icon
https://git.kernel.org/stable/c/76668d2a2f367d25ff448e6d7087406af7d7bb2b cve-icon cve-icon
https://lore.kernel.org/linux-cve-announce/2025022606-CVE-2022-49569-3c5b@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2022-49569 cve-icon
https://www.cve.org/CVERecord?id=CVE-2022-49569 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact