SB20250619241 - NULL pointer dereference in Linux kernel staging rtl8712 driver

Description

This security bulletin contains information about 1 security vulnerability.

1) NULL pointer dereference (CVE-ID: CVE-2022-49956)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the r871x_internal_cmd_hdl() and cmd_hdl_filter() functions in drivers/staging/rtl8712/rtl8712_cmd.c. A local user can perform a denial of service (DoS) attack.

Remediation

Install update from vendor's website.

References

• https://git.kernel.org/stable/c/19e3f69d19801940abc2ac37c169882769ed9770
• https://git.kernel.org/stable/c/376e15487fec837301d888068a3fcc82efb6171a
• https://git.kernel.org/stable/c/7dce6b0ee7d78667d6c831ced957a08769973063
• https://git.kernel.org/stable/c/9fd6170c5e2d0ccd027abe26f6f5ffc528e1bb27
• https://git.kernel.org/stable/c/b1727def850904e4b8ba384043775672841663a1
• https://git.kernel.org/stable/c/d0aac7146e96bf39e79c65087d21dfa02ef8db38
• https://git.kernel.org/stable/c/dc02aaf950015850e7589696521c7fca767cea77
• https://git.kernel.org/stable/c/e230a4455ac3e9b112f0367d1b8e255e141afae0
• https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.293
• https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.258
• https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.328
• https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.142
• https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.66
• https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.19.8
• https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.213
• https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.0