CVE-2022-48942: Vulnerability in Linux Linux
In the Linux kernel, the following vulnerability has been resolved:

hwmon: Handle failure to register sensor with thermal zone correctly

If an attempt is made to register a sensor with a thermal zone and it fails, the call to devm_thermal_zone_of_sensor_register() may return -ENODEV. This may result in crashes similar to the following.

    Unable to handle kernel NULL pointer dereference at virtual address 00000000000003cd
    ...
    Internal error: Oops: 96000021 [#1] PREEMPT SMP
    ...
    pstate: 60400009 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
    pc : mutex_lock+0x18/0x60
    lr : thermal_zone_device_update+0x40/0x2e0
    sp : ffff800014c4fc60
    x29: ffff800014c4fc60 x28: ffff365ee3f6e000 x27: ffffdde218426790
    x26: ffff365ee3f6e000 x25: 0000000000000000 x24: ffff365ee3f6e000
    x23: ffffdde218426870 x22: ffff365ee3f6e000 x21: 00000000000003cd
    x20: ffff365ee8bf3308 x19: ffffffffffffffed x18: 0000000000000000
    x17: ffffdde21842689c x16: ffffdde1cb7a0b7c x15: 0000000000000040
    x14: ffffdde21a4889a0 x13: 0000000000000228 x12: 0000000000000000
    x11: 0000000000000000 x10: 0000000000000000 x9 : 0000000000000000
    x8 : 0000000001120000 x7 : 0000000000000001 x6 : 0000000000000000
    x5 : 0068000878e20f07 x4 : 0000000000000000 x3 : 00000000000003cd
    x2 : ffff365ee3f6e000 x1 : 0000000000000000 x0 : 00000000000003cd
    Call trace:
     mutex_lock+0x18/0x60
     hwmon_notify_event+0xfc/0x110
     0xffffdde1cb7a0a90
     0xffffdde1cb7a0b7c
     irq_thread_fn+0x2c/0xa0
     irq_thread+0x134/0x240
     kthread+0x178/0x190
     ret_from_fork+0x10/0x20
    Code: d503201f d503201f d2800001 aa0103e4 (c8e47c02)

Jon Hunter reports that the exact call sequence is:

    hwmon_notify_event()
      --> hwmon_thermal_notify()
        --> thermal_zone_device_update()
          --> update_temperature()
            --> mutex_lock()

The hwmon core needs to handle all errors returned from calls to devm_thermal_zone_of_sensor_register(). If the call fails with -ENODEV, report that the sensor was not attached to a thermal zone but continue to register the hwmon device.
AI Analysis
Technical Summary
CVE-2022-48942 is a vulnerability identified in the Linux kernel's hardware monitoring (hwmon) subsystem, specifically related to the handling of sensor registration failures with thermal zones. The vulnerability arises when the function devm_thermal_zone_of_sensor_register() fails to register a sensor with a thermal zone and returns the error code -ENODEV. The hwmon core does not properly handle this failure, which can lead to a NULL pointer dereference in the kernel. This results in a kernel crash (kernel oops) due to attempts to access invalid memory addresses, as demonstrated by the provided kernel stack trace. The crash occurs during the call sequence involving hwmon_notify_event(), hwmon_thermal_notify(), thermal_zone_device_update(), update_temperature(), and mutex_lock(). The root cause is the lack of error handling for the sensor registration failure, causing the system to dereference a NULL pointer when it assumes the sensor was successfully attached to a thermal zone. The fix involves modifying the hwmon core to correctly handle the -ENODEV error by reporting that the sensor was not attached to a thermal zone but continuing to register the hwmon device without causing a crash. This vulnerability affects Linux kernel versions identified by the provided commit hashes and is present in systems that utilize the hwmon subsystem for thermal sensor management. No known exploits are reported in the wild at this time.
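The error-handling flaw described above, as a userspace model added here for illustration (not kernel source, and not code from the original page). The names zone, sensor, zone_register, add_sensor_before, add_sensor_after and notify_would_fault are hypothetical, and the ERR_PTR helpers are local stand-ins for the kernel's. On a 64-bit build ERR_PTR(-ENODEV) is 0xffffffffffffffed, the value seen in x19 of the trace.

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>

/* Userspace stand-ins for the kernel's ERR_PTR helpers (include/linux/err.h). */
#define MAX_ERRNO 4095
static void *ERR_PTR(long err) { return (void *)err; }
static long PTR_ERR(const void *p) { return (long)p; }
static int IS_ERR(const void *p) { return (uintptr_t)p >= (uintptr_t)-MAX_ERRNO; }

struct zone { int id; };                          /* hypothetical thermal zone */
struct sensor { struct zone *tzd; int listed; };  /* hypothetical hwmon sensor */

/* Hypothetical registration stub: err == 0 succeeds, otherwise ERR_PTR(-err). */
static struct zone the_zone = { 1 };
static struct zone *zone_register(int err) { return err ? ERR_PTR(-err) : &the_zone; }

/* Before: -ENODEV is tolerated, but the error pointer is stored anyway. */
static int add_sensor_before(struct sensor *s, int err) {
    struct zone *tzd = zone_register(err);
    if (IS_ERR(tzd) && PTR_ERR(tzd) != -ENODEV)
        return (int)PTR_ERR(tzd);
    s->tzd = tzd;
    s->listed = 1;      /* the notify path will later use s->tzd */
    return 0;
}

/* After: all errors handled; on -ENODEV the sensor is skipped, not listed. */
static int add_sensor_after(struct sensor *s, int err) {
    struct zone *tzd = zone_register(err);
    if (IS_ERR(tzd))    /* -ENODEV: "not attached", registration continues */
        return PTR_ERR(tzd) == -ENODEV ? 0 : (int)PTR_ERR(tzd);
    s->tzd = tzd;
    s->listed = 1;
    return 0;
}

/* True if an event notification would hand an error pointer to the zone update. */
static int notify_would_fault(const struct sensor *s) {
    return s->listed && IS_ERR(s->tzd);
}

int main(void) {
    struct sensor a = {0}, b = {0};
    add_sensor_before(&a, ENODEV);
    add_sensor_after(&b, ENODEV);
    printf("before=%d after=%d\n", notify_would_fault(&a), notify_would_fault(&b));
    return 0;
}
```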
Potential Impact
For European organizations, this vulnerability poses a risk primarily to systems running vulnerable Linux kernel versions with hardware monitoring enabled, especially those relying on thermal sensors for system health and temperature management. A kernel crash caused by this vulnerability can lead to system instability, unexpected reboots, or denial of service (DoS), impacting availability of critical infrastructure, servers, or embedded devices. Organizations operating data centers, cloud services, or industrial control systems using Linux-based platforms may experience service disruptions. Although this vulnerability does not directly lead to privilege escalation or data leakage, the resulting denial of service can affect business continuity and operational reliability. In sectors such as finance, healthcare, manufacturing, and telecommunications, where Linux servers are prevalent, such disruptions can have significant operational and financial consequences. Additionally, the inability to properly monitor thermal conditions could lead to hardware damage if temperature anomalies go undetected, further increasing risk.
Mitigation Recommendations
European organizations should prioritize updating their Linux kernel to the patched versions that include the fix for CVE-2022-48942. Specifically, they should apply the latest stable kernel releases or backported patches from their Linux distribution vendors that address the hwmon sensor registration error handling. System administrators should audit their environments to identify systems running vulnerable kernel versions with hwmon enabled. For embedded or specialized Linux systems, firmware or kernel updates should be coordinated with hardware vendors. Additionally, organizations should implement robust monitoring and alerting for kernel oops and system crashes to detect potential exploitation attempts or instability early. Where immediate patching is not feasible, consider disabling or limiting hwmon thermal sensor registration if it does not impact critical operations, as a temporary mitigation. Finally, maintain regular backups and ensure rapid recovery procedures are in place to minimize downtime in case of crashes.
Affected Countries
Germany, France, United Kingdom, Netherlands, Italy, Spain, Poland, Sweden, Finland, Belgium
Technical Details
- Data Version: 5.1
- Assigner Short Name: Linux
- Date Reserved: 2024-08-22T01:27:53.623Z
- Cisa Enriched: true
- Cvss Version: null
- State: PUBLISHED
Threat ID: 682d982fc4522896dcbe668e
Added to database: 5/21/2025, 9:09:03 AM
Last enriched: 6/30/2025, 11:57:34 PM
Last updated: 8/9/2025, 12:37:47 AM