{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-11T07:41:05.813","vulnerabilities":[{"cve":{"id":"CVE-2022-48713","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2024-06-20T11:15:54.960","lastModified":"2025-09-17T17:12:38.553","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nperf/x86/intel/pt: Fix crash with stop filters in single-range mode\n\nAdd a check for !buf->single before calling pt_buffer_region_size in a\nplace where a missing check can cause a kernel crash.\n\nFixes a bug introduced by commit 670638477aed (\"perf/x86/intel/pt:\nOpportunistically use single range output mode\"), which added a\nsupport for PT single-range output mode. Since that commit if a PT\nstop filter range is hit while tracing, the kernel will crash because\nof a null pointer dereference in pt_handle_status due to calling\npt_buffer_region_size without a ToPA configured.\n\nThe commit which introduced single-range mode guarded almost all uses of\nthe ToPA buffer variables with checks of the buf->single variable, but\nmissed the case where tracing was stopped by the PT hardware, which\nhappens when execution hits a configured stop filter.\n\nTested that hitting a stop filter while PT recording successfully\nrecords a trace with this patch but crashes without this patch."},{"lang":"es","value":"En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: perf/x86/intel/pt: soluciona el fallo con filtros de parada en modo de rango único. Añade una marca para !buf->single antes de llamar a pt_buffer_region_size en un lugar donde una marca faltante puede provocar un fallo del kernel. Corrige un error introducido por el commit 670638477aed (\"perf/x86/intel/pt: utilizar de manera oportunista el modo de salida de rango único\"), que agregó soporte para el modo de salida de rango único PT. Desde esa confirmación, si se alcanza un rango de filtro de parada PT durante el seguimiento, el kernel fallará debido a una desreferencia de puntero nulo en pt_handle_status debido a la llamada a pt_buffer_region_size sin un ToPA configurado. La confirmación que introdujo el modo de rango único protegió casi todos los usos de las variables del búfer ToPA con comprobaciones de la variable buf->single, pero omitió el caso en el que el hardware PT detuvo el seguimiento, lo que ocurre cuando la ejecución llega a un filtro de parada configurado. Se probó que al presionar un filtro de detención mientras se graba PT se registra exitosamente un seguimiento con este parche, pero falla sin este parche."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-476"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.5","versionEndExcluding":"5.10.99","matchCriteriaId":"FA1C3B80-458E-4F34-A0BF-5223557F2863"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.11","versionEndExcluding":"5.15.22","matchCriteriaId":"74528AA6-B524-4C3F-B188-1194235FE47D"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.16","versionEndExcluding":"5.16.8","matchCriteriaId":"0623892A-E3E4-44E6-8A5E-39A0B47AF782"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:5.17:rc1:*:*:*:*:*:*","matchCriteriaId":"7BD5F8D9-54FA-4CB0-B4F0-CB0471FDDB2D"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:5.17:rc2:*:*:*:*:*:*","matchCriteriaId":"E6E34B23-78B4-4516-9BD8-61B33F4AC49A"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/1d9093457b243061a9bba23543c38726e864a643","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/456f041e035913fcedb275aff6f8a71dfebcd394","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/e83d941fd3445f660d2f43647c580a320cc384f6","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/feffb6ae2c80b9a8206450cdef90f5943baced99","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/1d9093457b243061a9bba23543c38726e864a643","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/456f041e035913fcedb275aff6f8a71dfebcd394","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/e83d941fd3445f660d2f43647c580a320cc384f6","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/feffb6ae2c80b9a8206450cdef90f5943baced99","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"]}]}}]}