CVE-2022-48750: Vulnerability in Linux Linux

Medium
Published: Thu Jun 20 2024 (06/20/2024, 11:13:31 UTC)
Source: CVE
Vendor/Project: Linux
Product: Linux

Description

In the Linux kernel, the following vulnerability has been resolved:

hwmon: (nct6775) Fix crash in clear_caseopen

Paweł Marciniak reports the following crash, observed when clearing the chassis intrusion alarm.

    BUG: kernel NULL pointer dereference, address: 0000000000000028
    PGD 0 P4D 0
    Oops: 0000 [#1] PREEMPT SMP PTI
    CPU: 3 PID: 4815 Comm: bash Tainted: G S 5.16.2-200.fc35.x86_64 #1
    Hardware name: To Be Filled By O.E.M. To Be Filled By O.E.M./Z97 Extreme4, BIOS P2.60A 05/03/2018
    RIP: 0010:clear_caseopen+0x5a/0x120 [nct6775]
    Code: 68 70 e8 e9 32 b1 e3 85 c0 0f 85 d2 00 00 00 48 83 7c 24 ...
    RSP: 0018:ffffabcb02803dd8 EFLAGS: 00010246
    RAX: 0000000000000000 RBX: 0000000000000002 RCX: 0000000000000000
    RDX: ffff8e8808192880 RSI: 0000000000000000 RDI: ffff8e87c7509a68
    RBP: 0000000000000000 R08: 0000000000000001 R09: 000000000000000a
    R10: 000000000000000a R11: f000000000000000 R12: 000000000000001f
    R13: ffff8e87c7509828 R14: ffff8e87c7509a68 R15: ffff8e88494527a0
    FS: 00007f4db9151740(0000) GS:ffff8e8ebfec0000(0000) knlGS:0000000000000000
    CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
    CR2: 0000000000000028 CR3: 0000000166b66001 CR4: 00000000001706e0
    Call Trace:
     <TASK>
     kernfs_fop_write_iter+0x11c/0x1b0
     new_sync_write+0x10b/0x180
     vfs_write+0x209/0x2a0
     ksys_write+0x4f/0xc0
     do_syscall_64+0x3b/0x90
     entry_SYSCALL_64_after_hwframe+0x44/0xae

The problem is that the device passed to clear_caseopen() is the hwmon device, not the platform device, and the platform data is not set in the hwmon device. Store the pointer to sio_data in struct nct6775_data and get it from there if needed.

AI-Powered Analysis

Last updated: 06/30/2025, 20:26:01 UTC

Technical Analysis

CVE-2022-48750 is a vulnerability in the Linux kernel's hardware monitoring (hwmon) subsystem, specifically in the nct6775 driver. It lies in the clear_caseopen() function, which clears the chassis intrusion alarm, and it is a NULL pointer dereference caused by using the wrong device pointer. The function is handed the hwmon device rather than the platform device, and the platform data is not set in the hwmon device, so the function dereferences a NULL pointer when it tries to use the platform-specific data. The result is a kernel oops, which can cause system instability or denial of service.

The root cause is a logic error in how the driver stores and retrieves the sio_data pointer: it should be stored in the nct6775_data structure and read from there, which is what the fix does. This vulnerability affects Linux kernel versions including 5.16.2-200.fc35.x86_64 and potentially others using the affected driver. It was reported by Paweł Marciniak and has been addressed by correcting the pointer usage in the driver code. There are no known exploits in the wild at this time, and no CVSS score has been assigned yet.
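The pointer mix-up described above, modelled in user-space C as an added example (this is not the kernel driver's code). The struct layouts, model_sio_enter and model_write are simplified, hypothetical stand-ins, and the NULL check in the "before" variant exists only so the model returns an error at the point where the kernel dereferenced the pointer.

```c
#include <errno.h>
#include <stddef.h>
/* User-space stand-ins for the kernel types: simplified, constructed for this model. */
struct device { struct device *parent; void *platform_data; void *driver_data; };
struct nct6775_sio_data { int (*sio_enter)(struct nct6775_sio_data *); };
struct nct6775_data { struct nct6775_sio_data *sio_data; int caseopen_cleared; };
static void *dev_get_platdata(const struct device *d) { return d->platform_data; }
static void *dev_get_drvdata(const struct device *d) { return d->driver_data; }
static int model_sio_enter(struct nct6775_sio_data *s) { (void)s; return 0; }

/* Before the fix: platform data is looked up on the device the handler receives. */
static int clear_caseopen_before(struct device *dev)
{
    struct nct6775_data *data = dev_get_drvdata(dev);
    struct nct6775_sio_data *sio = dev_get_platdata(dev); /* NULL on the hwmon device */
    if (!sio)
        return -EFAULT; /* model only: the kernel code had no check and oopsed here */
    if (sio->sio_enter(sio))
        return -EBUSY;
    data->caseopen_cleared = 1;
    return 0;
}

/* After the fix: sio_data is read from the driver data, which the hwmon device carries. */
static int clear_caseopen_after(struct device *dev)
{
    struct nct6775_data *data = dev_get_drvdata(dev);
    struct nct6775_sio_data *sio = data->sio_data;
    if (sio->sio_enter(sio))
        return -EBUSY;
    data->caseopen_cleared = 1;
    return 0;
}

/* Build the probe-time object graph, then run one handler on the hwmon device. */
int model_write(int fixed)
{
    struct nct6775_sio_data sio = { model_sio_enter };
    struct nct6775_data data = { &sio, 0 };
    struct device pdev = { NULL, &sio, &data };   /* platform device: platform data set */
    struct device hwmon = { &pdev, NULL, &data }; /* hwmon child: driver data only */
    int ret = fixed ? clear_caseopen_after(&hwmon) : clear_caseopen_before(&hwmon);
    return ret ? ret : data.caseopen_cleared;
}

int main(void)
{
    return (model_write(0) == -EFAULT && model_write(1) == 1) ? 0 : 1;
}
```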

Potential Impact

For European organizations, the impact of CVE-2022-48750 primarily involves potential system instability and denial of service on Linux systems running the vulnerable kernel versions with the nct6775 hardware monitoring driver enabled. This driver is commonly used on motherboards with Nuvoton NCT6775 series sensors, which monitor hardware parameters such as temperature, voltage, and fan speeds. Servers, workstations, and embedded systems relying on these sensors for hardware health monitoring could experience kernel crashes when clearing chassis intrusion alarms, potentially disrupting critical operations. While this vulnerability does not directly lead to privilege escalation or remote code execution, the resulting kernel panic could cause downtime or data loss if systems reboot unexpectedly. European organizations with infrastructure running Fedora 35 or other distributions using the affected kernel versions are at risk. The vulnerability could affect data centers, industrial control systems, and enterprise environments where hardware monitoring is essential for operational stability. Given the lack of known exploits, the immediate risk is moderate, but unpatched systems remain vulnerable to accidental or malicious triggering of the crash, impacting availability.

Mitigation Recommendations

To mitigate CVE-2022-48750, European organizations should:

1) Apply the latest Linux kernel patches that address this vulnerability as soon as they become available from their distribution vendors.
2) Identify systems using the nct6775 driver by checking hardware sensor configurations and kernel module usage.
3) Temporarily disable chassis intrusion alarm monitoring if feasible, to avoid triggering the vulnerable code path until patches are applied.
4) Monitor kernel logs for oops or crash messages related to clear_caseopen or nct6775 to detect attempts to trigger the vulnerability.
5) For critical systems, consider kernel version upgrades to versions where the fix is included or use backported patches provided by trusted vendors.
6) Implement robust system monitoring and automated recovery mechanisms to minimize downtime in case of crashes.
7) Engage with hardware vendors to confirm compatibility and support for patched kernel versions.

These steps go beyond generic advice by focusing on hardware-specific driver usage, proactive detection, and operational continuity.

Technical Details

Data Version: 5.1
Assigner Short Name: Linux
Date Reserved: 2024-06-20T11:09:39.055Z
CISA Enriched: true
CVSS Version: null
State: PUBLISHED

Threat ID: 682d982ec4522896dcbe6076

Added to database: 5/21/2025, 9:09:02 AM

Last enriched: 6/30/2025, 8:26:01 PM

Last updated: 7/31/2025, 6:12:18 PM
