CVE-2022-49689

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A NULL pointer dereference issue has been identified in the Linux kernel, specifically in the xen-blkfront component. This issue occurs when a VBD is not fully created and then closed, resulting in a kernel panic. The problem arises from the use of NULL variables in the blkfront closing() function. Technical details about the issue include the involvement of the blk mq stop hw queues function and the xenwatch thread.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.