{"id":"CVE-2022-48942","summary":"hwmon: Handle failure to register sensor with thermal zone correctly","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nhwmon: Handle failure to register sensor with thermal zone correctly\n\nIf an attempt is made to a sensor with a thermal zone and it fails,\nthe call to devm_thermal_zone_of_sensor_register() may return -ENODEV.\nThis may result in crashes similar to the following.\n\nUnable to handle kernel NULL pointer dereference at virtual address 00000000000003cd\n...\nInternal error: Oops: 96000021 [#1] PREEMPT SMP\n...\npstate: 60400009 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\npc : mutex_lock+0x18/0x60\nlr : thermal_zone_device_update+0x40/0x2e0\nsp : ffff800014c4fc60\nx29: ffff800014c4fc60 x28: ffff365ee3f6e000 x27: ffffdde218426790\nx26: ffff365ee3f6e000 x25: 0000000000000000 x24: ffff365ee3f6e000\nx23: ffffdde218426870 x22: ffff365ee3f6e000 x21: 00000000000003cd\nx20: ffff365ee8bf3308 x19: ffffffffffffffed x18: 0000000000000000\nx17: ffffdde21842689c x16: ffffdde1cb7a0b7c x15: 0000000000000040\nx14: ffffdde21a4889a0 x13: 0000000000000228 x12: 0000000000000000\nx11: 0000000000000000 x10: 0000000000000000 x9 : 0000000000000000\nx8 : 0000000001120000 x7 : 0000000000000001 x6 : 0000000000000000\nx5 : 0068000878e20f07 x4 : 0000000000000000 x3 : 00000000000003cd\nx2 : ffff365ee3f6e000 x1 : 0000000000000000 x0 : 00000000000003cd\nCall trace:\n mutex_lock+0x18/0x60\n hwmon_notify_event+0xfc/0x110\n 0xffffdde1cb7a0a90\n 0xffffdde1cb7a0b7c\n irq_thread_fn+0x2c/0xa0\n irq_thread+0x134/0x240\n kthread+0x178/0x190\n ret_from_fork+0x10/0x20\nCode: d503201f d503201f d2800001 aa0103e4 (c8e47c02)\n\nJon Hunter reports that the exact call sequence is:\n\nhwmon_notify_event()\n  --\u003e hwmon_thermal_notify()\n    --\u003e thermal_zone_device_update()\n      --\u003e update_temperature()\n        --\u003e mutex_lock()\n\nThe hwmon core needs to handle all errors returned from calls\nto devm_thermal_zone_of_sensor_register(). If the call fails\nwith -ENODEV, report that the sensor was not attached to a\nthermal zone  but continue to register the hwmon device.","modified":"2026-04-02T08:27:09.577165Z","published":"2024-08-22T03:30:12.812Z","related":["SUSE-SU-2024:3190-1","SUSE-SU-2024:3209-1","SUSE-SU-2024:3227-1","SUSE-SU-2024:3408-1","SUSE-SU-2024:3483-1"],"database_specific":{"cna_assigner":"Linux","osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/48xxx/CVE-2022-48942.json"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/1b5f517cca36292076d9e38fa6e33a257703e62e"},{"type":"WEB","url":"https://git.kernel.org/stable/c/7efe8499cb90651c540753f4269d2d43ede14223"},{"type":"WEB","url":"https://git.kernel.org/stable/c/8a1969e14ad93663f9a3ed02ccc2138da9956a0e"},{"type":"WEB","url":"https://git.kernel.org/stable/c/962b2a3188bfa5388756ffbc47dfa5ff59cb8011"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/48xxx/CVE-2022-48942.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-48942"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"1597b374af22266266e1e20612208c4b11359ad4"},{"fixed":"962b2a3188bfa5388756ffbc47dfa5ff59cb8011"},{"fixed":"7efe8499cb90651c540753f4269d2d43ede14223"},{"fixed":"8a1969e14ad93663f9a3ed02ccc2138da9956a0e"},{"fixed":"1b5f517cca36292076d9e38fa6e33a257703e62e"}]}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-48942.json"}}],"schema_version":"1.7.5"}