{"uuid": "4405e67b-cf4f-4c47-b9f7-76acff089695", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-48850", "type": "seen", "source": "https://t.me/cvedetector/960", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2022-48850 - Here is the title: IBM Mellanox mlx5-core Null Pointer Dereference Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2022-48850 \nPublished : July 16, 2024, 1:15 p.m. | 37\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved:  \n  \nnet-sysfs: add check for netdevice being present to speed_show  \n  \nWhen bringing down the netdevice or system shutdown, a panic can be  \ntriggered while accessing the sysfs path because the device is already  \nremoved.  \n  \n    [  755.549084] mlx5_core 0000:12:00.1: Shutdown was called  \n    [  756.404455] mlx5_core 0000:12:00.0: Shutdown was called  \n    ...  \n    [  757.937260] BUG: unable to handle kernel NULL pointer dereference at           (null)  \n    [  758.031397] IP: [] dma_pool_alloc+0x1ab/0x280  \n  \n    crash> bt  \n    ...  \n    PID: 12649  TASK: ffff8924108f2100  CPU: 1   COMMAND: \"amsd\"  \n    ...  \n     #9 [ffff89240e1a38b0] page_fault at ffffffff8f38c778  \n        [exception RIP: dma_pool_alloc+0x1ab]  \n        RIP: ffffffff8ee11acb  RSP: ffff89240e1a3968  RFLAGS: 00010046  \n        RAX: 0000000000000246  RBX: ffff89243d874100  RCX: 0000000000001000  \n        RDX: 0000000000000000  RSI: 0000000000000246  RDI: ffff89243d874090  \n        RBP: ffff89240e1a39c0   R8: 000000000001f080   R9: ffff8905ffc03c00  \n        R10: ffffffffc04680d4  R11: ffffffff8edde9fd  R12: 00000000000080d0  \n        R13: ffff89243d874090  R14: ffff89243d874080  R15: 0000000000000000  \n        ORIG_RAX: ffffffffffffffff  CS: 0010  SS: 0018  \n    #10 [ffff89240e1a39c8] mlx5_alloc_cmd_msg at ffffffffc04680f3 [mlx5_core]  \n    #11 [ffff89240e1a3a18] cmd_exec at ffffffffc046ad62 [mlx5_core]  \n    #12 [ffff89240e1a3ab8] mlx5_cmd_exec at ffffffffc046b4fb [mlx5_core]  \n    #13 [ffff89240e1a3ae8] mlx5_core_access_reg at ffffffffc0475434 [mlx5_core]  \n    #14 [ffff89240e1a3b40] mlx5e_get_fec_caps at ffffffffc04a7348 [mlx5_core]  \n    #15 [ffff89240e1a3bb0] get_fec_supported_advertised at ffffffffc04992bf [mlx5_core]  \n    #16 [ffff89240e1a3c08] mlx5e_get_link_ksettings at ffffffffc049ab36 [mlx5_core]  \n    #17 [ffff89240e1a3ce8] __ethtool_get_link_ksettings at ffffffff8f25db46  \n    #18 [ffff89240e1a3d48] speed_show at ffffffff8f277208  \n    #19 [ffff89240e1a3dd8] dev_attr_show at ffffffff8f0b70e3  \n    #20 [ffff89240e1a3df8] sysfs_kf_seq_show at ffffffff8eedbedf  \n    #21 [ffff89240e1a3e18] kernfs_seq_show at ffffffff8eeda596  \n    #22 [ffff89240e1a3e28] seq_read at ffffffff8ee76d10  \n    #23 [ffff89240e1a3e98] kernfs_fop_read at ffffffff8eedaef5  \n    #24 [ffff89240e1a3ed8] vfs_read at ffffffff8ee4e3ff  \n    #25 [ffff89240e1a3f08] sys_read at ffffffff8ee4f27f  \n    #26 [ffff89240e1a3f50] system_call_fastpath at ffffffff8f395f92  \n  \n    crash> net_device.state ffff89443b0c0000  \n      state = 0x5  (__LINK_STATE_START| __LINK_STATE_NOCARRIER)  \n  \nTo prevent this scenario, we also make sure that the netdevice is present. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"16 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-16T16:17:02.000000Z"}