CVE-2022-49569

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A issue in the Linux kernel has been identified, specifically in the spi: bcm2835 module. The bcm2835 spi handle err() function is called when an IRQ based transfer times out. Due to changes made in commit 1513ceee70f2, TX and RX DMA transfers are unconditionally canceled, leading to NULL pointer dereferences if ctlr->dma tx or ctlr->dma rx are not set. This occurs because the dma pending flag was dropped.

Recommendations To resolve this issue, check that ctlr->dma tx and ctlr->dma rx are valid pointers before accessing them in the bcm2835 spi handle err() function. As a temporary workaround, consider adding checks for NULL pointers to prevent dereferences. At the moment, there is no information about a newer version that contains a fix for this vulnerability.