{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2022-49308","assignerOrgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","state":"PUBLISHED","assignerShortName":"Linux","dateReserved":"2025-02-26T02:08:31.536Z","datePublished":"2025-02-26T02:10:39.648Z","dateUpdated":"2025-12-23T13:23:25.054Z"},"containers":{"cna":{"providerMetadata":{"orgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","shortName":"Linux","dateUpdated":"2025-12-23T13:23:25.054Z"},"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nextcon: Modify extcon device to be created after driver data is set\n\nCurrently, someone can invoke the sysfs such as state_show()\nintermittently before dev_set_drvdata() is done.\nAnd it can be a cause of kernel Oops because of edev is Null at that time.\nSo modified the driver registration to after setting drviver data.\n\n- Oops's backtrace.\n\nBacktrace:\n[] (state_show) from [] (dev_attr_show)\n[] (dev_attr_show) from [] (sysfs_kf_seq_show)\n[] (sysfs_kf_seq_show) from [] (kernfs_seq_show)\n[] (kernfs_seq_show) from [] (seq_read)\n[] (seq_read) from [] (kernfs_fop_read)\n[] (kernfs_fop_read) from [] (__vfs_read)\n[] (__vfs_read) from [] (vfs_read)\n[] (vfs_read) from [] (ksys_read)\n[] (ksys_read) from [] (sys_read)\n[] (sys_read) from [] (__sys_trace_return)"}],"affected":[{"product":"Linux","vendor":"Linux","defaultStatus":"unaffected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["drivers/extcon/extcon.c"],"versions":[{"version":"de55d8716ac50a356cea736c29bb7db5ac3d0190","lessThan":"6e721f3ad0535b24f19a62420f4da95212cf069c","status":"affected","versionType":"git"},{"version":"de55d8716ac50a356cea736c29bb7db5ac3d0190","lessThan":"cb81ea998c461868d1168411a867d8ffee12f23f","status":"affected","versionType":"git"},{"version":"de55d8716ac50a356cea736c29bb7db5ac3d0190","lessThan":"d472c78cc82999d07bd09193a6718016ce9cd386","status":"affected","versionType":"git"},{"version":"de55d8716ac50a356cea736c29bb7db5ac3d0190","lessThan":"abf3b222614f49f98e606fccdd269161c0d70204","status":"affected","versionType":"git"},{"version":"de55d8716ac50a356cea736c29bb7db5ac3d0190","lessThan":"368e68ad6da4317fc4170e8d92b51c13d1bfe7a7","status":"affected","versionType":"git"},{"version":"de55d8716ac50a356cea736c29bb7db5ac3d0190","lessThan":"35ff1ac55d301efb3f467cf5426faaeb3452994b","status":"affected","versionType":"git"},{"version":"de55d8716ac50a356cea736c29bb7db5ac3d0190","lessThan":"033ec4e7e59ae5e1ef1e8c10bc6552926044ed1c","status":"affected","versionType":"git"},{"version":"de55d8716ac50a356cea736c29bb7db5ac3d0190","lessThan":"5dcc2afe716d69f5112ce035cb14f007461ff189","status":"affected","versionType":"git"}]},{"product":"Linux","vendor":"Linux","defaultStatus":"affected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["drivers/extcon/extcon.c"],"versions":[{"version":"3.5","status":"affected"},{"version":"0","lessThan":"3.5","status":"unaffected","versionType":"semver"},{"version":"4.14.283","lessThanOrEqual":"4.14.*","status":"unaffected","versionType":"semver"},{"version":"4.19.247","lessThanOrEqual":"4.19.*","status":"unaffected","versionType":"semver"},{"version":"5.4.198","lessThanOrEqual":"5.4.*","status":"unaffected","versionType":"semver"},{"version":"5.10.122","lessThanOrEqual":"5.10.*","status":"unaffected","versionType":"semver"},{"version":"5.15.47","lessThanOrEqual":"5.15.*","status":"unaffected","versionType":"semver"},{"version":"5.17.15","lessThanOrEqual":"5.17.*","status":"unaffected","versionType":"semver"},{"version":"5.18.4","lessThanOrEqual":"5.18.*","status":"unaffected","versionType":"semver"},{"version":"5.19","lessThanOrEqual":"*","status":"unaffected","versionType":"original_commit_for_fix"}]}],"cpeApplicability":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"3.5","versionEndExcluding":"4.14.283"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"3.5","versionEndExcluding":"4.19.247"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"3.5","versionEndExcluding":"5.4.198"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"3.5","versionEndExcluding":"5.10.122"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"3.5","versionEndExcluding":"5.15.47"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"3.5","versionEndExcluding":"5.17.15"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"3.5","versionEndExcluding":"5.18.4"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"3.5","versionEndExcluding":"5.19"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/6e721f3ad0535b24f19a62420f4da95212cf069c"},{"url":"https://git.kernel.org/stable/c/cb81ea998c461868d1168411a867d8ffee12f23f"},{"url":"https://git.kernel.org/stable/c/d472c78cc82999d07bd09193a6718016ce9cd386"},{"url":"https://git.kernel.org/stable/c/abf3b222614f49f98e606fccdd269161c0d70204"},{"url":"https://git.kernel.org/stable/c/368e68ad6da4317fc4170e8d92b51c13d1bfe7a7"},{"url":"https://git.kernel.org/stable/c/35ff1ac55d301efb3f467cf5426faaeb3452994b"},{"url":"https://git.kernel.org/stable/c/033ec4e7e59ae5e1ef1e8c10bc6552926044ed1c"},{"url":"https://git.kernel.org/stable/c/5dcc2afe716d69f5112ce035cb14f007461ff189"}],"title":"extcon: Modify extcon device to be created after driver data is set","x_generator":{"engine":"bippy-1.2.0"}}}}