Description

In the Linux kernel, the following vulnerability has been resolved: net: dsa: fix NULL pointer dereference in dsa_port_reset_vlan_filtering The "ds" iterator variable used in dsa_port_reset_vlan_filtering() -> dsa_switch_for_each_port() overwrites the "dp" received as argument, which is later used to call dsa_port_vlan_filtering() proper. As a result, switches which do enter that code path (the ones with vlan_filtering_is_global=true) will dereference an invalid dp in dsa_port_reset_vlan_filtering() after leaving a VLAN-aware bridge. Use a dedicated "other_dp" iterator variable to avoid this from happening.

INFO

Published Date :

2025-02-26T02:23:19.626Z

Last Modified :

2025-10-01T19:36:54.585Z

Source :

Linux
AFFECTED PRODUCTS

The following products are affected by CVE-2022-49582 vulnerability.

Vendors Products
Linux
  • Linux Kernel
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2022-49582.

URL Resource
https://git.kernel.org/stable/c/1699b4d502eda3c7ea4070debad3ee570b5091b1 cve-icon cve-icon
https://git.kernel.org/stable/c/3240e12fe203a3a79b9814e83327106b770ed7b0 cve-icon cve-icon
https://lore.kernel.org/linux-cve-announce/2025022608-CVE-2022-49582-8f09@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2022-49582 cve-icon
https://www.cve.org/CVERecord?id=CVE-2022-49582 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact