CVE-2022-49756

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A potential null pointer dereference issue has been identified in the Linux kernel, specifically in the sp usb phy probe() function. This function calls platform get resource byname(), which may return NULL, and subsequently, devm ioremap() uses usbphy->moon4 res mem->start as input, potentially causing a null pointer dereference. The issue is resolved by checking the return value of platform get resource byname() to avoid the null pointer dereference.

Recommendations For the affected Linux kernel versions, check the return value of platform get resource byname() in the sp usb phy probe() function to avoid null pointer dereferences. At the moment, there is no information about a newer version that contains a fix for this vulnerability.