ghsa-3mx8-688w-x5vh
Vulnerability from github
Published
2025-09-15 15:31
Modified
2025-09-15 15:31
Details

In the Linux kernel, the following vulnerability has been resolved:

chardev: fix error handling in cdev_device_add()

While doing fault injection test, I got the following report:

------------[ cut here ]------------ kobject: '(null)' (0000000039956980): is not initialized, yet kobject_put() is being called. WARNING: CPU: 3 PID: 6306 at kobject_put+0x23d/0x4e0 CPU: 3 PID: 6306 Comm: 283 Tainted: G W 6.1.0-rc2-00005-g307c1086d7c9 #1253 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.13.0-1ubuntu1.1 04/01/2014 RIP: 0010:kobject_put+0x23d/0x4e0 Call Trace: cdev_device_add+0x15e/0x1b0 __iio_device_register+0x13b4/0x1af0 [industrialio] __devm_iio_device_register+0x22/0x90 [industrialio] max517_probe+0x3d8/0x6b4 [max517] i2c_device_probe+0xa81/0xc00

When device_add() is injected fault and returns error, if dev->devt is not set, cdev_add() is not called, cdev_del() is not needed. Fix this by checking dev->devt in error path.

Show details on source website

To clipboard 

{
  "affected": [],
  "aliases": [
    "CVE-2022-50282"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-09-15T15:15:39Z",
    "severity": null
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nchardev: fix error handling in cdev_device_add()\n\nWhile doing fault injection test, I got the following report:\n\n------------[ cut here ]------------\nkobject: \u0027(null)\u0027 (0000000039956980): is not initialized, yet kobject_put() is being called.\nWARNING: CPU: 3 PID: 6306 at kobject_put+0x23d/0x4e0\nCPU: 3 PID: 6306 Comm: 283 Tainted: G        W          6.1.0-rc2-00005-g307c1086d7c9 #1253\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.13.0-1ubuntu1.1 04/01/2014\nRIP: 0010:kobject_put+0x23d/0x4e0\nCall Trace:\n \u003cTASK\u003e\n cdev_device_add+0x15e/0x1b0\n __iio_device_register+0x13b4/0x1af0 [industrialio]\n __devm_iio_device_register+0x22/0x90 [industrialio]\n max517_probe+0x3d8/0x6b4 [max517]\n i2c_device_probe+0xa81/0xc00\n\nWhen device_add() is injected fault and returns error, if dev-\u003edevt is not set,\ncdev_add() is not called, cdev_del() is not needed. Fix this by checking dev-\u003edevt\nin error path.",
  "id": "GHSA-3mx8-688w-x5vh",
  "modified": "2025-09-15T15:31:26Z",
  "published": "2025-09-15T15:31:25Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-50282"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/11fa7fefe3d8fac7da56bc9aa3dd5fb3081ca797"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/28dc61cc49c6e995121c6d86bef4b73df78dda80"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/34d17b39bceef25e4cf9805cd59250ae05d0a139"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/5d2146889fad4cb9e6c13e790d4cfd871486eca8"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/6acf8597c5b04f455ee0649e11e5f3bcd28f381e"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/85a5660491b507d33662b8e81c142e6041e642eb"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/b5de1eac71fec1af7723f1083d23a24789fd795c"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/c46db6088bccff5115674d583fef46ede80077a2"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/d85b5247a79355b8432bfd9ac871f96117f750d4"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.