VYPR
Medium severity5.5NVD Advisory· Published May 3, 2024· Updated Jun 1, 2026

CVE-2022-48703

CVE-2022-48703

Description

In the Linux kernel, the following vulnerability has been resolved:

thermal/int340x_thermal: handle data_vault when the value is ZERO_SIZE_PTR

In some case, the GDDV returns a package with a buffer which has zero length. It causes that kmemdup() returns ZERO_SIZE_PTR (0x10).

Then the data_vault_read() got NULL point dereference problem when accessing the 0x10 value in data_vault.

[ 71.024560] BUG: kernel NULL pointer dereference, address: 0000000000000010

This patch uses ZERO_OR_NULL_PTR() for checking ZERO_SIZE_PTR or NULL value in data_vault.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

104

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.