{"id":"CVE-2022-49424","summary":"iommu/mediatek: Fix NULL pointer dereference when printing dev_name","details":"In the Linux kernel, the following vulnerability has been resolved:\n\niommu/mediatek: Fix NULL pointer dereference when printing dev_name\n\nWhen larbdev is NULL (in the case I hit, the node is incorrectly set\niommus = \u003c&iommu NUM\u003e), it will cause device_link_add() fail and\nkernel crashes when we try to print dev_name(larbdev).\n\nLet's fail the probe if a larbdev is NULL to avoid invalid inputs from\ndts.\n\nIt should work for normal correct setting and avoid the crash caused\nby my incorrect setting.\n\nError log:\n[   18.189042][  T301] Unable to handle kernel NULL pointer dereference at virtual address 0000000000000050\n...\n[   18.344519][  T301] pstate: a0400005 (NzCv daif +PAN -UAO)\n[   18.345213][  T301] pc : mtk_iommu_probe_device+0xf8/0x118 [mtk_iommu]\n[   18.346050][  T301] lr : mtk_iommu_probe_device+0xd0/0x118 [mtk_iommu]\n[   18.346884][  T301] sp : ffffffc00a5635e0\n[   18.347392][  T301] x29: ffffffc00a5635e0 x28: ffffffd44a46c1d8\n[   18.348156][  T301] x27: ffffff80c39a8000 x26: ffffffd44a80cc38\n[   18.348917][  T301] x25: 0000000000000000 x24: ffffffd44a80cc38\n[   18.349677][  T301] x23: ffffffd44e4da4c6 x22: ffffffd44a80cc38\n[   18.350438][  T301] x21: ffffff80cecd1880 x20: 0000000000000000\n[   18.351198][  T301] x19: ffffff80c439f010 x18: ffffffc00a50d0c0\n[   18.351959][  T301] x17: ffffffffffffffff x16: 0000000000000004\n[   18.352719][  T301] x15: 0000000000000004 x14: ffffffd44eb5d420\n[   18.353480][  T301] x13: 0000000000000ad2 x12: 0000000000000003\n[   18.354241][  T301] x11: 00000000fffffad2 x10: c0000000fffffad2\n[   18.355003][  T301] x9 : a0d288d8d7142d00 x8 : a0d288d8d7142d00\n[   18.355763][  T301] x7 : ffffffd44c2bc640 x6 : 0000000000000000\n[   18.356524][  T301] x5 : 0000000000000080 x4 : 0000000000000001\n[   18.357284][  T301] x3 : 0000000000000000 x2 : 0000000000000005\n[   18.358045][  T301] x1 : 0000000000000000 x0 : 0000000000000000\n[   18.360208][  T301] Hardware name: MT6873 (DT)\n[   18.360771][  T301] Call trace:\n[   18.361168][  T301]  dump_backtrace+0xf8/0x1f0\n[   18.361737][  T301]  dump_stack_lvl+0xa8/0x11c\n[   18.362305][  T301]  dump_stack+0x1c/0x2c\n[   18.362816][  T301]  mrdump_common_die+0x184/0x40c [mrdump]\n[   18.363575][  T301]  ipanic_die+0x24/0x38 [mrdump]\n[   18.364230][  T301]  atomic_notifier_call_chain+0x128/0x2b8\n[   18.364937][  T301]  die+0x16c/0x568\n[   18.365394][  T301]  __do_kernel_fault+0x1e8/0x214\n[   18.365402][  T301]  do_page_fault+0xb8/0x678\n[   18.366934][  T301]  do_translation_fault+0x48/0x64\n[   18.368645][  T301]  do_mem_abort+0x68/0x148\n[   18.368652][  T301]  el1_abort+0x40/0x64\n[   18.368660][  T301]  el1h_64_sync_handler+0x54/0x88\n[   18.368668][  T301]  el1h_64_sync+0x68/0x6c\n[   18.368673][  T301]  mtk_iommu_probe_device+0xf8/0x118 [mtk_iommu]\n...","modified":"2026-04-02T08:27:34.183511Z","published":"2025-02-26T02:12:46.209Z","related":["SUSE-SU-2025:1027-1","SUSE-SU-2025:1176-1","SUSE-SU-2025:1183-1","SUSE-SU-2025:1241-1"],"database_specific":{"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/49xxx/CVE-2022-49424.json","cna_assigner":"Linux"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/8837c2682b9b2eed83e6212bcf79850c593a6fee"},{"type":"WEB","url":"https://git.kernel.org/stable/c/c3c2734e28d7fac50228c4d2b8896e8695adf304"},{"type":"WEB","url":"https://git.kernel.org/stable/c/de78657e16f41417da9332f09c2d67d100096939"},{"type":"WEB","url":"https://git.kernel.org/stable/c/e9c63c0f73a1bbfd02624f5eae7e881df8b6830f"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/49xxx/CVE-2022-49424.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-49424"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"77fbe028d5a3f7fc6060c4454ead9510533acd1e"},{"fixed":"c3c2734e28d7fac50228c4d2b8896e8695adf304"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"18ea450ed1b60c1bb336f5efe874f61909ce7bec"},{"fixed":"e9c63c0f73a1bbfd02624f5eae7e881df8b6830f"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"635319a4a7444ca97124d781cd96deb277ff4d40"},{"fixed":"8837c2682b9b2eed83e6212bcf79850c593a6fee"},{"fixed":"de78657e16f41417da9332f09c2d67d100096939"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"0"},{"last_affected":"b7bf68272b6ae7c469854e2e054db1db1d158999"}]}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-49424.json"}}],"schema_version":"1.7.5"}