Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved: iommu/arm-smmu-v3: Don't unregister on shutdown Similar to SMMUv2, this driver calls iommu_device_unregister() from the shutdown path, which removes the IOMMU groups with no coordination whatsoever with their users - shutdown methods are optional in device drivers. This can lead to NULL pointer dereferences in those drivers' DMA API calls, or worse. Instead of calling the full arm_smmu_device_remove() from arm_smmu_device_shutdown(), let's pick only the relevant function call - arm_smmu_device_disable() - more or less the reverse of arm_smmu_device_reset() - and call just that from the shutdown path.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux Kernel | >= 6.1, < 6.1.7 |
Related Weaknesses (CWE)
References
- https://git.kernel.org/stable/c/32ea2c57dc216b6ad8125fa680d31daa5d421c95Patch
- https://git.kernel.org/stable/c/ead3e6c79479890444c777fd329afc125fecde48Patch
FAQ
What is CVE-2022-48894?
CVE-2022-48894 is a vulnerability with a CVSS score of 5.5 (MEDIUM). In the Linux kernel, the following vulnerability has been resolved: iommu/arm-smmu-v3: Don't unregister on shutdown Similar to SMMUv2, this driver calls iommu_device_unregister() from the shutdown p...
How severe is CVE-2022-48894?
CVE-2022-48894 has been rated MEDIUM with a CVSS base score of 5.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2022-48894?
Check the references section above for vendor advisories and patch information. Affected products include: Linux Linux Kernel.