PT-2025-8011 · Linux+3 · Linux Kernel+3

Jason Gunthorpe

Published

2022-03-31

Updated

2025-05-22

CVE-2022-49083

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A NULL pointer dereference issue has been identified in the Linux kernel, specifically in the iommu/omap component. This issue arose from a regression caused by a commit that changed the function return type but missed converting one place, leading to the omap iommu probe returning 0 instead of ERR PTR(-ENODEV). The issue is triggered in the iommu probe device function, which is called from probe iommu group, and subsequently from other functions such as bus for each dev and bus iommu probe. This problem was noted by Jason Gunthorpe and is associated with earlier commits that altered the iommu/omap probe functionality.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

NULL Pointer Dereference

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-476

Related Identifiers

BDU:2025-06062

CVE-2022-49083

OPENSUSE-SU-2025_1263-1

SUSE-SU-2025:1027-1

SUSE-SU-2025:1176-1

SUSE-SU-2025:1183-1

SUSE-SU-2025:1194-1

SUSE-SU-2025:1241-1

SUSE-SU-2025:1263-1

SUSE-SU-2025_1027-1

SUSE-SU-2025_1241-1

SUSE-SU-2025_1263-1

Affected Products

Astra Linux

Linux Kernel

Red Os

Suse

PT-2025-8011 · Linux+3 · Linux Kernel+3

CVE-2022-49083

Weakness Enumeration

Related Identifiers

Affected Products

References · 1353