{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-18T07:02:30.252","vulnerabilities":[{"cve":{"id":"CVE-2022-48750","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2024-06-20T12:15:13.223","lastModified":"2024-11-21T07:33:55.473","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nhwmon: (nct6775) Fix crash in clear_caseopen\n\nPaweł Marciniak reports the following crash, observed when clearing\nthe chassis intrusion alarm.\n\nBUG: kernel NULL pointer dereference, address: 0000000000000028\nPGD 0 P4D 0\nOops: 0000 [#1] PREEMPT SMP PTI\nCPU: 3 PID: 4815 Comm: bash Tainted: G S                5.16.2-200.fc35.x86_64 #1\nHardware name: To Be Filled By O.E.M. To Be Filled By O.E.M./Z97 Extreme4, BIOS P2.60A 05/03/2018\nRIP: 0010:clear_caseopen+0x5a/0x120 [nct6775]\nCode: 68 70 e8 e9 32 b1 e3 85 c0 0f 85 d2 00 00 00 48 83 7c 24 ...\nRSP: 0018:ffffabcb02803dd8 EFLAGS: 00010246\nRAX: 0000000000000000 RBX: 0000000000000002 RCX: 0000000000000000\nRDX: ffff8e8808192880 RSI: 0000000000000000 RDI: ffff8e87c7509a68\nRBP: 0000000000000000 R08: 0000000000000001 R09: 000000000000000a\nR10: 000000000000000a R11: f000000000000000 R12: 000000000000001f\nR13: ffff8e87c7509828 R14: ffff8e87c7509a68 R15: ffff8e88494527a0\nFS:  00007f4db9151740(0000) GS:ffff8e8ebfec0000(0000) knlGS:0000000000000000\nCS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000000000000028 CR3: 0000000166b66001 CR4: 00000000001706e0\nCall Trace:\n <TASK>\n kernfs_fop_write_iter+0x11c/0x1b0\n new_sync_write+0x10b/0x180\n vfs_write+0x209/0x2a0\n ksys_write+0x4f/0xc0\n do_syscall_64+0x3b/0x90\n entry_SYSCALL_64_after_hwframe+0x44/0xae\n\nThe problem is that the device passed to clear_caseopen() is the hwmon\ndevice, not the platform device, and the platform data is not set in the\nhwmon device. Store the pointer to sio_data in struct nct6775_data and\nget if from there if needed."},{"lang":"es","value":"En el kernel de Linux se ha resuelto la siguiente vulnerabilidad: hwmon: (nct6775) ¿Reparar fallo en clear_caseopen Pawe? Marciniak informa del siguiente accidente, observado al borrar la alarma de intrusión en el chasis. ERROR: desreferencia del puntero NULL del kernel, dirección: 00000000000000028 PGD 0 P4D 0 Ups: 0000 [#1] PREEMPT SMP PTI CPU: 3 PID: 4815 Comm: bash Contaminado: GS 5.16.2-200.fc35.x86_64 #1 Nombre de hardware: Para ser completado por OEM Para ser completado por OEM/Z97 Extreme4, BIOS P2.60A 03/05/2018 RIP: 0010:clear_caseopen+0x5a/0x120 [nct6775] Código: 68 70 e8 e9 32 b1 e3 85 c0 0f 85 d2 00 00 00 48 83 7c 24 ... RSP: 0018:ffffabcb02803dd8 EFLAGS: 00010246 RAX: 0000000000000000 RBX: 00000000000000002 RCX: 0000000000000000 RDX: 8808192880 RSI: 0000000000000000 RDI: ffff8e87c7509a68 RBP: 0000000000000000 R08: 0000000000000001 R09: 000000000000000a R10: 000000a R11: f000000000000000 R12: 000000000000001f R13: ffff8e87c7509828 R14: ffff8e87c7509a68 R15: ffff8e88494527a0 FS: 00007f4db9151740(0000) GS:ffff8e8ebfec0000(0000) nlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 0000000000000028 CR3: 0000000166b66001 CR4: 00000000001706e0 :  kernfs_fop_write_iter+0x11c/0x1b0 new_sync_write+0x10b/0x180 vfs_write+0x209/0x2a0 ksys_write+0x4f/0xc0 do_syscall_64+0x3b/0x90 Entry_SYSCALL_64_after_hwframe+0x44/0xae El problema es que el dispositivo pasado a clear_caseopen() es el dispositivo hwmon, no el dispositivo de plataforma y los datos de la plataforma no están configurados en el dispositivo hwmon. Guarde el puntero a sio_data en la estructura nct6775_data y obtengalo desde allí si es necesario."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-476"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.16","versionEndExcluding":"5.16.5","matchCriteriaId":"1AD9E77E-B27E-450C-8FD8-B64EC5FB002D"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:5.17:rc1:*:*:*:*:*:*","matchCriteriaId":"7BD5F8D9-54FA-4CB0-B4F0-CB0471FDDB2D"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/79da533d3cc717ccc05ddbd3190da8a72bc2408b","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/cfb7d12f2e4a4d694f49e9b4ebb352f7b67cdfbb","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/79da533d3cc717ccc05ddbd3190da8a72bc2408b","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/cfb7d12f2e4a4d694f49e9b4ebb352f7b67cdfbb","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"]}]}}]}