{"id":"CVE-2022-49195","summary":"net: dsa: fix panic on shutdown if multi-chip tree failed to probe","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nnet: dsa: fix panic on shutdown if multi-chip tree failed to probe\n\nDSA probing is atypical because a tree of devices must probe all at\nonce, so out of N switches which call dsa_tree_setup_routing_table()\nduring probe, for (N - 1) of them, \"complete\" will return false and they\nwill exit probing early. The Nth switch will set up the whole tree on\ntheir behalf.\n\nThe implication is that for (N - 1) switches, the driver binds to the\ndevice successfully, without doing anything. When the driver is bound,\nthe -\u003eshutdown() method may run. But if the Nth switch has failed to\ninitialize the tree, there is nothing to do for the (N - 1) driver\ninstances, since the slave devices have not been created, etc. Moreover,\ndsa_switch_shutdown() expects that the calling @ds has been in fact\ninitialized, so it jumps at dereferencing the various data structures,\nwhich is incorrect.\n\nAvoid the ensuing NULL pointer dereferences by simply checking whether\nthe Nth switch has previously set \"ds-\u003esetup = true\" for the switch\nwhich is currently shutting down. The entire setup is serialized under\ndsa2_mutex which we already hold.","modified":"2026-04-02T08:27:22.838560Z","published":"2025-02-26T01:55:40.082Z","database_specific":{"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/49xxx/CVE-2022-49195.json","cna_assigner":"Linux"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/8fd36358ce82382519b50b05f437493e1e00c4a9"},{"type":"WEB","url":"https://git.kernel.org/stable/c/95df5cd5a446df6738d2d45872e08594819080e4"},{"type":"WEB","url":"https://git.kernel.org/stable/c/b6e668ff43ebd87ccc8a19e5481345c428672295"},{"type":"WEB","url":"https://git.kernel.org/stable/c/b864d5350c18bea9369d0bdd9e7eb6f6172cc283"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/49xxx/CVE-2022-49195.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-49195"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"0650bf52b31ff35dc6430fc2e37969c36baba724"},{"fixed":"95df5cd5a446df6738d2d45872e08594819080e4"},{"fixed":"b6e668ff43ebd87ccc8a19e5481345c428672295"},{"fixed":"b864d5350c18bea9369d0bdd9e7eb6f6172cc283"},{"fixed":"8fd36358ce82382519b50b05f437493e1e00c4a9"}]}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-49195.json"}}],"schema_version":"1.7.5"}