CVE-2022-49569
CVSS 3.1 Score 5.5 of 10 (medium)
Details
Published Feb 26, 2025
Updated: Mar 10, 2025
CWE ID 476
Summary
CVE-2022-49569 is a NULL pointer dereference in the Linux kernel's SPI driver for Broadcom BCM2835 chips. Since commit 1513ceee70f2, bcm2835_spi_handle_err() cancels DMA transfers unconditionally. When an IRQ-based transfer times out and the ctlr->dma_tx or ctlr->dma_rx pointers are not set, the function dereferences a NULL pointer, resulting in a potential crash or exploitation. The vulnerability has been mitigated by adding checks that ensure the pointers are valid before any operations are performed on them.
Affected Products
- Linux Kernel
Affected Vendors
- LINUX