[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2022-48868":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-04T08:53:30.047Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":20,"aliases":21,"duplicate_of":9,"upstream":22,"downstream":23,"duplicates":38,"related":39,"reserved_at":9,"published_at":45,"modified_at":46,"state":47,"summary":48,"references_raw":57,"kevs":72,"epss":73,"epss_history":76,"metrics":311,"affected":317},"CVE-2022-48868","In the Linux kernel, the following vulnerability has been resolved:\n\ndmaengine: idxd: Let probe fail when workqueue cannot be enabled\n\nThe workqueue is enabled when the appropriate driver is loaded and\ndisabled when the driver is removed. When the driver is removed it\nassumes that the workqueue was enabled successfully and proceeds to\nfree allocations made during workqueue enabling.\n\nFailure during workqueue enabling does not prevent the driver from\nbeing loaded. This is because the error path within drv_enable_wq()\nreturns success unless a second failure is encountered\nduring the error path. By returning success it is possible to load\nthe driver even if the workqueue cannot be enabled and\nallocations that do not exist are attempted to be freed during\ndriver remove.\n\nSome examples of problematic flows:\n(a)\n\n idxd_dmaengine_drv_probe() -> drv_enable_wq() -> idxd_wq_request_irq():\n In above flow, if idxd_wq_request_irq() fails then\n idxd_wq_unmap_portal() is called on error exit path, but\n drv_enable_wq() returns 0 because idxd_wq_disable() succeeds. The\n driver is thus loaded successfully.\n\n idxd_dmaengine_drv_remove()->drv_disable_wq()->idxd_wq_unmap_portal()\n Above flow on driver unload triggers the WARN in devm_iounmap() because\n the device resource has already been removed during error path of\n drv_enable_wq().\n\n(b)\n\n idxd_dmaengine_drv_probe() -> drv_enable_wq() -> idxd_wq_request_irq():\n In above flow, if idxd_wq_request_irq() fails then\n idxd_wq_init_percpu_ref() is never called to initialize the percpu\n counter, yet the driver loads successfully because drv_enable_wq()\n returns 0.\n\n idxd_dmaengine_drv_remove()->__idxd_wq_quiesce()->percpu_ref_kill():\n Above flow on driver unload triggers a BUG when attempting to drop the\n initial ref of the uninitialized percpu ref:\n BUG: kernel NULL pointer dereference, address: 0000000000000010\n\nFix the drv_enable_wq() error path by returning the original error that\nindicates failure of workqueue enabling. This ensures that the probe\nfails when an error is encountered and the driver remove paths are only\nattempted when the workqueue was enabled successfully.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-476","NULL Pointer Dereference","The product dereferences a pointer that it expects to be valid but is NULL.","weakness","Stable","Base","Medium",[],[],[],[],[24,26,28,30,32,34,36],{"_key":25},"SUSE-SU-2024:3227-1",{"_key":27},"SUSE-SU-2024:3408-1",{"_key":29},"SUSE-SU-2024:3190-1",{"_key":31},"SUSE-SU-2024:3209-1",{"_key":33},"SUSE-SU-2024:3483-1",{"_key":35},"UBUNTU-CVE-2022-48868",{"_key":37},"DEBIAN-CVE-2022-48868",[],[40,41,42,43,44],{"_key":25},{"_key":27},{"_key":29},{"_key":31},{"_key":33},"2024-08-21T06:09:58.431Z","2026-05-11T18:48:42.790Z","Analyzed",{"cisa_kev":49,"cisa_ransomware":49,"cisa_vendor":9,"epss_severity":50,"epss_score":51,"severity":52,"severity_score":53,"severity_version":54,"severity_source":55,"severity_vector":56,"severity_status":47},false,"low",0.00015,"medium",5.5,"v3.1","nvd","CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",[58,64,68],{"url":59,"sources":60,"tags":62},"https://git.kernel.org/stable/c/0f150134dd795ffcd60b798a85ab737d8d010fb7",[61,55],"cve.org",[63],"Patch",{"url":65,"sources":66,"tags":67},"https://git.kernel.org/stable/c/99dc4520b74e7ca8e9dc9abe37a0b10b49467960",[61,55],[63],{"url":69,"sources":70,"tags":71},"https://git.kernel.org/stable/c/b51b75f0604f17c0f6f3b6f68f1a521a5cc6b04f",[61,55],[63],[],{"date":74,"score":51,"percentile":75},"2026-06-03",0.03347,[77,81,84,87,90,93,95,97,100,103,106,108,110,112,114,118,121,124,127,130,133,135,137,140,142,144,147,150,153,156,159,162,165,168,170,173,176,179,182,184,187,189,192,195,197,199,201,204,206,208,210,213,216,219,222,224,226,228,230,232,234,236,238,240,242,244,246,249,252,255,257,260,263,265,267,269,272,274,276,279,282,285,288,291,293,296,299,302,305,308],{"date":78,"score":79,"percentile":80},"2025-11-04",0.00009,0.00603,{"date":82,"score":79,"percentile":83},"2025-11-05",0.00604,{"date":85,"score":79,"percentile":86},"2025-11-06",0.00605,{"date":88,"score":79,"percentile":89},"2025-11-07",0.00607,{"date":91,"score":79,"percentile":92},"2025-11-08",0.00606,{"date":94,"score":79,"percentile":86},"2025-11-09",{"date":96,"score":79,"percentile":80},"2025-11-10",{"date":98,"score":79,"percentile":99},"2025-11-11",0.00602,{"date":101,"score":79,"percentile":102},"2025-11-12",0.00599,{"date":104,"score":79,"percentile":105},"2025-11-13",0.00598,{"date":107,"score":79,"percentile":99},"2025-11-14",{"date":109,"score":79,"percentile":86},"2025-11-15",{"date":111,"score":79,"percentile":86},"2025-11-16",{"date":113,"score":79,"percentile":99},"2025-11-17",{"date":115,"score":116,"percentile":117},"2025-11-18",0.00055,0.12777,{"date":119,"score":116,"percentile":120},"2025-11-19",0.12798,{"date":122,"score":116,"percentile":123},"2025-11-20",0.12811,{"date":125,"score":79,"percentile":126},"2025-11-21",0.00615,{"date":128,"score":79,"percentile":129},"2025-11-22",0.00613,{"date":131,"score":79,"percentile":132},"2025-11-23",0.0061,{"date":134,"score":79,"percentile":89},"2025-11-24",{"date":136,"score":79,"percentile":92},"2025-11-25",{"date":138,"score":79,"percentile":139},"2025-11-26",0.006,{"date":141,"score":79,"percentile":102},"2025-11-27",{"date":143,"score":79,"percentile":99},"2025-11-28",{"date":145,"score":79,"percentile":146},"2025-11-29",0.00617,{"date":148,"score":79,"percentile":149},"2025-11-30",0.00619,{"date":151,"score":79,"percentile":152},"2025-12-01",0.00621,{"date":154,"score":79,"percentile":155},"2025-12-02",0.0062,{"date":157,"score":79,"percentile":158},"2025-12-03",0.00623,{"date":160,"score":79,"percentile":161},"2025-12-04",0.00626,{"date":163,"score":79,"percentile":164},"2025-12-05",0.00634,{"date":166,"score":79,"percentile":167},"2025-12-06",0.00632,{"date":169,"score":79,"percentile":167},"2025-12-07",{"date":171,"score":79,"percentile":172},"2025-12-08",0.00636,{"date":174,"score":79,"percentile":175},"2025-12-09",0.00649,{"date":177,"score":79,"percentile":178},"2025-12-10",0.00658,{"date":180,"score":79,"percentile":181},"2025-12-11",0.00656,{"date":183,"score":79,"percentile":178},"2025-12-12",{"date":185,"score":79,"percentile":186},"2025-12-13",0.00657,{"date":188,"score":79,"percentile":186},"2025-12-14",{"date":190,"score":79,"percentile":191},"2025-12-15",0.0065,{"date":193,"score":79,"percentile":194},"2025-12-16",0.00654,{"date":196,"score":79,"percentile":181},"2025-12-17",{"date":198,"score":79,"percentile":194},"2025-12-18",{"date":200,"score":79,"percentile":181},"2025-12-19",{"date":202,"score":79,"percentile":203},"2025-12-20",0.00655,{"date":205,"score":79,"percentile":194},"2025-12-21",{"date":207,"score":79,"percentile":186},"2025-12-22",{"date":209,"score":79,"percentile":186},"2025-12-23",{"date":211,"score":79,"percentile":212},"2025-12-24",0.00659,{"date":214,"score":79,"percentile":215},"2025-12-25",0.0066,{"date":217,"score":79,"percentile":218},"2025-12-26",0.00664,{"date":220,"score":79,"percentile":221},"2025-12-27",0.00662,{"date":223,"score":79,"percentile":221},"2025-12-28",{"date":225,"score":79,"percentile":215},"2025-12-29",{"date":227,"score":79,"percentile":178},"2025-12-30",{"date":229,"score":79,"percentile":203},"2025-12-31",{"date":231,"score":79,"percentile":178},"2026-01-01",{"date":233,"score":79,"percentile":221},"2026-01-02",{"date":235,"score":79,"percentile":218},"2026-01-03",{"date":237,"score":79,"percentile":186},"2026-01-04",{"date":239,"score":79,"percentile":212},"2026-01-05",{"date":241,"score":79,"percentile":215},"2026-01-06",{"date":243,"score":79,"percentile":186},"2026-01-07",{"date":245,"score":79,"percentile":221},"2026-01-08",{"date":247,"score":79,"percentile":248},"2026-01-09",0.00669,{"date":250,"score":79,"percentile":251},"2026-01-10",0.00671,{"date":253,"score":79,"percentile":254},"2026-01-11",0.0067,{"date":256,"score":79,"percentile":248},"2026-01-12",{"date":258,"score":79,"percentile":259},"2026-01-13",0.00667,{"date":261,"score":79,"percentile":262},"2026-01-14",0.00666,{"date":264,"score":79,"percentile":248},"2026-01-15",{"date":266,"score":79,"percentile":248},"2026-01-16",{"date":268,"score":79,"percentile":248},"2026-01-17",{"date":270,"score":79,"percentile":271},"2026-01-18",0.00673,{"date":273,"score":79,"percentile":254},"2026-01-19",{"date":275,"score":79,"percentile":262},"2026-01-20",{"date":277,"score":79,"percentile":278},"2026-01-21",0.00663,{"date":280,"score":79,"percentile":281},"2026-01-22",0.00665,{"date":283,"score":79,"percentile":284},"2026-01-23",0.00672,{"date":286,"score":79,"percentile":287},"2026-01-24",0.00676,{"date":289,"score":79,"percentile":290},"2026-01-25",0.00677,{"date":292,"score":79,"percentile":290},"2026-01-26",{"date":294,"score":79,"percentile":295},"2026-01-27",0.00681,{"date":297,"score":79,"percentile":298},"2026-01-28",0.0068,{"date":300,"score":79,"percentile":301},"2026-01-29",0.00683,{"date":303,"score":79,"percentile":304},"2026-01-30",0.00691,{"date":306,"score":79,"percentile":307},"2026-01-31",0.00697,{"date":309,"score":79,"percentile":310},"2026-02-01",0.007,[312],{"source":55,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":313,"cvss_v4_0":9},{"baseScore":53,"baseSeverity":314,"vectorString":56,"impactScore":315,"exploitabilityScore":316},"MEDIUM",6,4.6,[318,338],{"ecosystem":9,"name":319,"vendor":320,"product":320,"cpe_part":321,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":322},"Linux","linux","a",[323,330,333,336],{"version":324,"is_range":325,"range_type":61,"version_start":326,"version_start_type":327,"version_end":328,"version_end_type":329,"fixed_in":9},">= 1f2bb40337f0df1d9af80793e9fdacff7706e654, \u003C 0f150134dd795ffcd60b798a85ab737d8d010fb7",true,"1f2bb40337f0df1d9af80793e9fdacff7706e654","including","0f150134dd795ffcd60b798a85ab737d8d010fb7","excluding",{"version":331,"is_range":325,"range_type":61,"version_start":326,"version_start_type":327,"version_end":332,"version_end_type":329,"fixed_in":9},">= 1f2bb40337f0df1d9af80793e9fdacff7706e654, \u003C 99dc4520b74e7ca8e9dc9abe37a0b10b49467960","99dc4520b74e7ca8e9dc9abe37a0b10b49467960",{"version":334,"is_range":325,"range_type":61,"version_start":326,"version_start_type":327,"version_end":335,"version_end_type":329,"fixed_in":9},">= 1f2bb40337f0df1d9af80793e9fdacff7706e654, \u003C b51b75f0604f17c0f6f3b6f68f1a521a5cc6b04f","b51b75f0604f17c0f6f3b6f68f1a521a5cc6b04f",{"version":337,"is_range":49,"range_type":61,"version_start":337,"version_start_type":327,"version_end":337,"version_end_type":327,"fixed_in":9},"5.15",{"ecosystem":9,"name":339,"vendor":320,"product":340,"cpe_part":341,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":342},"linux kernel","linux_kernel","o",[343,347],{"version":344,"is_range":325,"range_type":345,"version_start":337,"version_start_type":327,"version_end":346,"version_end_type":329,"fixed_in":9},"gte5.15_lt5.15.90","cpe","5.15.90",{"version":348,"is_range":325,"range_type":345,"version_start":349,"version_start_type":327,"version_end":350,"version_end_type":329,"fixed_in":9},"gte5.16_lt6.1.8","5.16","6.1.8"]