Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved: ice: fix NULL pointer dereference in ice_update_vsi_tx_ring_stats() It is possible to do NULL pointer dereference in routine that updates Tx ring stats. Currently only stats and bytes are updated when ring pointer is valid, but later on ring is accessed to propagate gathered Tx stats onto VSI stats. Change the existing logic to move to next ring when ring is NULL.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux Kernel | < 5.16.17 |
Related Weaknesses (CWE)
References
- https://git.kernel.org/stable/c/2397270ec97c5e3009a58ac110a25e1869e9d6ffMailing ListPatch
- https://git.kernel.org/stable/c/f153546913bada41a811722f2c6d17c3243a0333Mailing ListPatch
- https://git.kernel.org/stable/c/2397270ec97c5e3009a58ac110a25e1869e9d6ffMailing ListPatch
- https://git.kernel.org/stable/c/f153546913bada41a811722f2c6d17c3243a0333Mailing ListPatch
FAQ
What is CVE-2022-48841?
CVE-2022-48841 is a vulnerability with a CVSS score of 5.5 (MEDIUM). In the Linux kernel, the following vulnerability has been resolved: ice: fix NULL pointer dereference in ice_update_vsi_tx_ring_stats() It is possible to do NULL pointer dereference in routine that ...
How severe is CVE-2022-48841?
CVE-2022-48841 has been rated MEDIUM with a CVSS base score of 5.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2022-48841?
Check the references section above for vendor advisories and patch information. Affected products include: Linux Linux Kernel.