Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved: efi: fix NULL-deref in init error path In cases where runtime services are not supported or have been disabled, the runtime services workqueue will never have been allocated. Do not try to destroy the workqueue unconditionally in the unlikely event that EFI initialisation fails to avoid dereferencing a NULL pointer.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux Kernel | >= 4.19.142, < 4.19.270 |
Related Weaknesses (CWE)
References
- https://git.kernel.org/stable/c/4ca71bc0e1995d15486cd7b60845602a28399cb5Patch
- https://git.kernel.org/stable/c/585a0b2b3ae7903c6abee3087d09c69e955a7794Patch
- https://git.kernel.org/stable/c/5fcf75a8a4c3e7ee9122d143684083c9faf20452Patch
- https://git.kernel.org/stable/c/703c13fe3c9af557d312f5895ed6a5fda2711104Patch
- https://git.kernel.org/stable/c/adc96d30f6503d30dc68670c013716f1d9fcc747Patch
- https://git.kernel.org/stable/c/e2ea55564229e4bea1474af15b111b3a3043b76fPatch
FAQ
What is CVE-2022-48879?
CVE-2022-48879 is a vulnerability with a CVSS score of 5.5 (MEDIUM). In the Linux kernel, the following vulnerability has been resolved: efi: fix NULL-deref in init error path In cases where runtime services are not supported or have been disabled, the runtime servic...
How severe is CVE-2022-48879?
CVE-2022-48879 has been rated MEDIUM with a CVSS base score of 5.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2022-48879?
Check the references section above for vendor advisories and patch information. Affected products include: Linux Linux Kernel.