{"vulnerability": "CVE-2022-48942", "sightings": [{"uuid": "47193d72-8207-44bc-9120-c4e1801ca99e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-48942", "type": "seen", "source": "https://t.me/cvedetector/3884", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2022-48942 - Linux Kernel Hardware Monitoring Thermal Zone Sensor Registration Null Pointer Dereference\", \n  \"Content\": \"CVE ID : CVE-2022-48942 \nPublished : Aug. 22, 2024, 4:15 a.m. | 31\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved:  \n  \nhwmon: Handle failure to register sensor with thermal zone correctly  \n  \nIf an attempt is made to a sensor with a thermal zone and it fails,  \nthe call to devm_thermal_zone_of_sensor_register() may return -ENODEV.  \nThis may result in crashes similar to the following.  \n  \nUnable to handle kernel NULL pointer dereference at virtual address 00000000000003cd  \n...  \nInternal error: Oops: 96000021 [#1] PREEMPT SMP  \n...  \npstate: 60400009 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)  \npc : mutex_lock+0x18/0x60  \nlr : thermal_zone_device_update+0x40/0x2e0  \nsp : ffff800014c4fc60  \nx29: ffff800014c4fc60 x28: ffff365ee3f6e000 x27: ffffdde218426790  \nx26: ffff365ee3f6e000 x25: 0000000000000000 x24: ffff365ee3f6e000  \nx23: ffffdde218426870 x22: ffff365ee3f6e000 x21: 00000000000003cd  \nx20: ffff365ee8bf3308 x19: ffffffffffffffed x18: 0000000000000000  \nx17: ffffdde21842689c x16: ffffdde1cb7a0b7c x15: 0000000000000040  \nx14: ffffdde21a4889a0 x13: 0000000000000228 x12: 0000000000000000  \nx11: 0000000000000000 x10: 0000000000000000 x9 : 0000000000000000  \nx8 : 0000000001120000 x7 : 0000000000000001 x6 : 0000000000000000  \nx5 : 0068000878e20f07 x4 : 0000000000000000 x3 : 00000000000003cd  \nx2 : ffff365ee3f6e000 x1 : 0000000000000000 x0 : 00000000000003cd  \nCall trace:  \n mutex_lock+0x18/0x60  \n hwmon_notify_event+0xfc/0x110  \n 0xffffdde1cb7a0a90  \n 0xffffdde1cb7a0b7c  \n irq_thread_fn+0x2c/0xa0  \n irq_thread+0x134/0x240  \n kthread+0x178/0x190  \n ret_from_fork+0x10/0x20  \nCode: d503201f d503201f d2800001 aa0103e4 (c8e47c02)  \n  \nJon Hunter reports that the exact call sequence is:  \n  \nhwmon_notify_event()  \n  --> hwmon_thermal_notify()  \n    --> thermal_zone_device_update()  \n      --> update_temperature()  \n        --> mutex_lock()  \n  \nThe hwmon core needs to handle all errors returned from calls  \nto devm_thermal_zone_of_sensor_register(). If the call fails  \nwith -ENODEV, report that the sensor was not attached to a  \nthermal zone  but continue to register the hwmon device. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"22 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-22T06:49:18.000000Z"}]}