CVE-2022-49268

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to the version that includes the fix for the NULL pointer dereference bug.

Description A NULL pointer dereference bug has been identified in the Linux kernel, specifically in the ASoC: SOF: Intel component. This issue occurs when the snd dma alloc pages() function returns -ENOMEM, and subsequently, snd dma free pages() is called, leading to a NULL pointer dereference. The error is indicated by a message in the dmesg log, including an error code of -12 and a BUG report detailing a kernel NULL pointer dereference.

Recommendations To resolve this issue, update the Linux kernel to a version that includes the fix for the NULL pointer dereference bug. As a temporary workaround, consider disabling the dma free noncontiguous() function or restricting its use until a patched version of the kernel is available. However, since the provided information does not specify the exact version that includes the fix, it is recommended to check for and apply the latest kernel updates. At the moment, there is no information about a newer version that contains a fix for this vulnerability.