CVE-2022-48750: 
Linux Kernel vulnerability analysis and mitigation

CVE-2022-48750 affects the Linux kernel's hardware monitoring (hwmon) subsystem, specifically in the nct6775 driver. The vulnerability was discovered when clearing the chassis intrusion alarm, which could lead to a NULL pointer dereference. The issue was first reported in June 2024 and affects Linux kernel versions from 5.16 up to (excluding) 5.16.5, and version 5.17-rc1 (NVD).

The vulnerability occurs in the clearcaseopen() function of the nct6775 driver. The root cause is that the device passed to clearcaseopen() is the hwmon device instead of the platform device, and the platform data is not set in the hwmon device. This leads to a NULL pointer dereference when attempting to access the platform data. The issue was introduced by commit 2e7b9886968b which modified the usage of superio*() function pointers in siodata (Kernel Patch). The vulnerability has been assigned a CVSS v3.1 base score of 5.5 (MEDIUM) with vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H (NVD).

When exploited, this vulnerability causes a kernel crash due to the NULL pointer dereference, leading to a denial of service condition. The crash occurs specifically when attempting to clear the chassis intrusion alarm on affected systems (Kernel Patch).

The issue has been fixed by storing the pointer to siodata in struct nct6775data and retrieving it from there when needed. The fix was implemented in kernel patches and is available in updated kernel versions. Users should upgrade to Linux kernel version 5.16.5 or later to address this vulnerability (Kernel Patch).