CVE-2022-49895

MEDIUM 5.5

cxl/region: Fix decoder allocation crash

CVSS Score

5.5

EPSS Score

0.0%

EPSS Percentile

0th

In the Linux kernel, the following vulnerability has been resolved: cxl/region: Fix decoder allocation crash When an intermediate port's decoders have been exhausted by existing regions, and creating a new region with the port in question in it's hierarchical path is attempted, cxl_port_attach_region() fails to find a port decoder (as would be expected), and drops into the failure / cleanup path. However, during cleanup of the region reference, a sanity check attempts to dereference the decoder, which in the above case didn't exist. This causes a NULL pointer dereference BUG. To fix this, refactor the decoder allocation and de-allocation into helper routines, and in this 'free' routine, check that the decoder, @cxld, is valid before attempting any operations on it.

Vendor	linux
Product	linux
Ecosystems	Linux Kernel
Industries	Technology
Published	May 1, 2025
Last Updated	May 11, 2026

Stay Ahead of the Next One

Get instant alerts for linux linux

Be the first to know when new medium vulnerabilities affecting linux linux are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Linux / Linux

384e624bb211b406db40edc900bb51af8bb267d0 < c6813b5610ac53af73edd87a660d23a0511faa47 384e624bb211b406db40edc900bb51af8bb267d0 < 71ee71d7adcba648077997a29a91158d20c40b09

Linux / Linux

6.0

References

NVD ↗ CVE.org ↗ EPSS Data ↗

git.kernel.org: https://git.kernel.org/stable/c/c6813b5610ac53af73edd87a660d23a0511faa47 git.kernel.org: https://git.kernel.org/stable/c/71ee71d7adcba648077997a29a91158d20c40b09