ghsa-q8j6-m387-9488
Vulnerability from github
Published
2025-10-14 21:30
Modified
2025-10-14 21:30
Severity ?
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Details

In the Linux kernel, the following vulnerability has been resolved:

Drivers: hv: vmbus: Fix initialization of device object in vmbus_device_register()

Initialize the device's dma_{mask,parms} pointers and the device's dma_mask value before invoking device_register(). Address the following trace with 5.17-rc7:

[ 49.646839] WARNING: CPU: 0 PID: 189 at include/linux/dma-mapping.h:543 netvsc_probe+0x37a/0x3a0 [hv_netvsc] [ 49.646928] Call Trace: [ 49.646930] [ 49.646935] vmbus_probe+0x40/0x60 [hv_vmbus] [ 49.646942] really_probe+0x1ce/0x3b0 [ 49.646948] __driver_probe_device+0x109/0x180 [ 49.646952] driver_probe_device+0x23/0xa0 [ 49.646955] __device_attach_driver+0x76/0xe0 [ 49.646958] ? driver_allows_async_probing+0x50/0x50 [ 49.646961] bus_for_each_drv+0x84/0xd0 [ 49.646964] __device_attach+0xed/0x170 [ 49.646967] device_initial_probe+0x13/0x20 [ 49.646970] bus_probe_device+0x8f/0xa0 [ 49.646973] device_add+0x41a/0x8e0 [ 49.646975] ? hrtimer_init+0x28/0x80 [ 49.646981] device_register+0x1b/0x20 [ 49.646983] vmbus_device_register+0x5e/0xf0 [hv_vmbus] [ 49.646991] vmbus_add_channel_work+0x12d/0x190 [hv_vmbus] [ 49.646999] process_one_work+0x21d/0x3f0 [ 49.647002] worker_thread+0x4a/0x3b0 [ 49.647005] ? process_one_work+0x3f0/0x3f0 [ 49.647007] kthread+0xff/0x130 [ 49.647011] ? kthread_complete_and_exit+0x20/0x20 [ 49.647015] ret_from_fork+0x22/0x30 [ 49.647020] [ 49.647021] ---[ end trace 0000000000000000 ]---

Show details on source website

To clipboard 

{
  "affected": [],
  "aliases": [
    "CVE-2022-49099"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1188"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-02-26T07:00:47Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nDrivers: hv: vmbus: Fix initialization of device object in vmbus_device_register()\n\nInitialize the device\u0027s dma_{mask,parms} pointers and the device\u0027s\ndma_mask value before invoking device_register().  Address the\nfollowing trace with 5.17-rc7:\n\n[   49.646839] WARNING: CPU: 0 PID: 189 at include/linux/dma-mapping.h:543\n\tnetvsc_probe+0x37a/0x3a0 [hv_netvsc]\n[   49.646928] Call Trace:\n[   49.646930]  \u003cTASK\u003e\n[   49.646935]  vmbus_probe+0x40/0x60 [hv_vmbus]\n[   49.646942]  really_probe+0x1ce/0x3b0\n[   49.646948]  __driver_probe_device+0x109/0x180\n[   49.646952]  driver_probe_device+0x23/0xa0\n[   49.646955]  __device_attach_driver+0x76/0xe0\n[   49.646958]  ? driver_allows_async_probing+0x50/0x50\n[   49.646961]  bus_for_each_drv+0x84/0xd0\n[   49.646964]  __device_attach+0xed/0x170\n[   49.646967]  device_initial_probe+0x13/0x20\n[   49.646970]  bus_probe_device+0x8f/0xa0\n[   49.646973]  device_add+0x41a/0x8e0\n[   49.646975]  ? hrtimer_init+0x28/0x80\n[   49.646981]  device_register+0x1b/0x20\n[   49.646983]  vmbus_device_register+0x5e/0xf0 [hv_vmbus]\n[   49.646991]  vmbus_add_channel_work+0x12d/0x190 [hv_vmbus]\n[   49.646999]  process_one_work+0x21d/0x3f0\n[   49.647002]  worker_thread+0x4a/0x3b0\n[   49.647005]  ? process_one_work+0x3f0/0x3f0\n[   49.647007]  kthread+0xff/0x130\n[   49.647011]  ? kthread_complete_and_exit+0x20/0x20\n[   49.647015]  ret_from_fork+0x22/0x30\n[   49.647020]  \u003c/TASK\u003e\n[   49.647021] ---[ end trace 0000000000000000 ]---",
  "id": "GHSA-q8j6-m387-9488",
  "modified": "2025-10-14T21:30:25Z",
  "published": "2025-10-14T21:30:25Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-49099"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/2fe4b8631427618175a32f125062df91a5fe3f73"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/3a5469582c241abca22500f36a9cb8e9331969cf"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.