github - ghsa-r3cx-wcp6-7g33

ghsa-r3cx-wcp6-7g33

Vulnerability from github

Published

2025-06-18 12:30

Modified

2025-06-18 12:30

Details

In the Linux kernel, the following vulnerability has been resolved:

kernfs: fix potential NULL dereference in __kernfs_remove

When lockdep is enabled, lockdep_assert_held_write would cause potential NULL pointer dereference.

Fix the following smatch warnings:

fs/kernfs/dir.c:1353 __kernfs_remove() warn: variable dereferenced before check 'kn' (see line 1346)

Show details on source website

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2022-50148"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-06-18T11:15:44Z",
    "severity": null
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nkernfs: fix potential NULL dereference in __kernfs_remove\n\nWhen lockdep is enabled, lockdep_assert_held_write would\ncause potential NULL pointer dereference.\n\nFix the following smatch warnings:\n\nfs/kernfs/dir.c:1353 __kernfs_remove() warn: variable dereferenced before check \u0027kn\u0027 (see line 1346)",
  "id": "GHSA-r3cx-wcp6-7g33",
  "modified": "2025-06-18T12:30:51Z",
  "published": "2025-06-18T12:30:50Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-50148"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/4a9f35b8729c5bf13ea671c908c17ed74c48fc50"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/72b5d5aef246a0387cefa23121dd90901c7a691a"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/b871986d9d3071f5082664ac274d93f08db257cd"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

CVE-2022-50148 (GCVE-0-2022-50148)

Vulnerability from cvelistv5

Published

2025-06-18 11:03

Modified

2025-06-18 11:03

Severity ?

Summary

In the Linux kernel, the following vulnerability has been resolved: kernfs: fix potential NULL dereference in __kernfs_remove When lockdep is enabled, lockdep_assert_held_write would cause potential NULL pointer dereference. Fix the following smatch warnings: fs/kernfs/dir.c:1353 __kernfs_remove() warn: variable dereferenced before check 'kn' (see line 1346)

References

►

URL

Tags

	https://git.kernel.org/stable/c/b871986d9d3071f5082664ac274d93f08db257cd
	https://git.kernel.org/stable/c/4a9f35b8729c5bf13ea671c908c17ed74c48fc50
	https://git.kernel.org/stable/c/72b5d5aef246a0387cefa23121dd90901c7a691a

Impacted products

Vendor

Product

Version

►

Version: 393c3714081a53795bbff0e985d24146def6f57f
Version: 393c3714081a53795bbff0e985d24146def6f57f
Version: 393c3714081a53795bbff0e985d24146def6f57f

Version: 5.17

Show details on NVD website

To clipboard

{
  "containers": {
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "fs/kernfs/dir.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "b871986d9d3071f5082664ac274d93f08db257cd",
              "status": "affected",
              "version": "393c3714081a53795bbff0e985d24146def6f57f",
              "versionType": "git"
            },
            {
              "lessThan": "4a9f35b8729c5bf13ea671c908c17ed74c48fc50",
              "status": "affected",
              "version": "393c3714081a53795bbff0e985d24146def6f57f",
              "versionType": "git"
            },
            {
              "lessThan": "72b5d5aef246a0387cefa23121dd90901c7a691a",
              "status": "affected",
              "version": "393c3714081a53795bbff0e985d24146def6f57f",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "fs/kernfs/dir.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.17"
            },
            {
              "lessThan": "5.17",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.18.*",
              "status": "unaffected",
              "version": "5.18.18",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.19.*",
              "status": "unaffected",
              "version": "5.19.2",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.0",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.18.18",
                  "versionStartIncluding": "5.17",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.19.2",
                  "versionStartIncluding": "5.17",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.0",
                  "versionStartIncluding": "5.17",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nkernfs: fix potential NULL dereference in __kernfs_remove\n\nWhen lockdep is enabled, lockdep_assert_held_write would\ncause potential NULL pointer dereference.\n\nFix the following smatch warnings:\n\nfs/kernfs/dir.c:1353 __kernfs_remove() warn: variable dereferenced before check \u0027kn\u0027 (see line 1346)"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-06-18T11:03:08.462Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/b871986d9d3071f5082664ac274d93f08db257cd"
        },
        {
          "url": "https://git.kernel.org/stable/c/4a9f35b8729c5bf13ea671c908c17ed74c48fc50"
        },
        {
          "url": "https://git.kernel.org/stable/c/72b5d5aef246a0387cefa23121dd90901c7a691a"
        }
      ],
      "title": "kernfs: fix potential NULL dereference in __kernfs_remove",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2022-50148",
    "datePublished": "2025-06-18T11:03:08.462Z",
    "dateReserved": "2025-06-18T10:57:27.424Z",
    "dateUpdated": "2025-06-18T11:03:08.462Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Log in or create an account to share your comment.

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.