
Cloud Vulnerability DB
A community-led vulnerabilities database
CVE-2022-48850 is a vulnerability in the Linux kernel's net-sysfs subsystem, specifically affecting the speed_show functionality. The vulnerability was discovered and disclosed in July 2024, affecting multiple versions of the Linux kernel up to versions 4.9.307, 4.14.272, 4.19.235, 5.4.185, 5.10.106, 5.15.29, and 5.16.15. It is a NULL pointer dereference that occurs when sysfs paths are accessed during netdevice shutdown (NVD).
The vulnerability occurs in the net-sysfs subsystem when accessing the sysfs path during netdevice shutdown or system shutdown. The issue manifests as a NULL pointer dereference when the device is already removed, specifically in the speed_show functionality. The vulnerability has been assigned a CVSS v3.1 Base Score of 5.5 (MEDIUM) with the vector string CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H and is classified as CWE-476 (NULL Pointer Dereference) (NVD).
When exploited, this vulnerability can trigger a kernel panic while accessing the sysfs path because the device is already removed. This occurs specifically during netdevice shutdown or system shutdown operations, potentially leading to system crashes and denial of service conditions (Kernel Patch).
The vulnerability has been patched by adding a check for netdevice presence in the speed_show functionality. The fix involves modifying the condition to ensure that the netdevice is both running and present before accessing it. The patch has been implemented across multiple kernel versions (Kernel Patch).
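The guard described above, as an added userspace model that is not the kernel patch itself: every type, function and constant name below is hypothetical, and the unpatched condition is assumed to test only the running state, as the description of the fix implies. WOULD_OOPS stands in for the point where the kernel would dereference NULL.

```c
#include <stdio.h>
#include <stddef.h>
/* Userspace model only: these types and names are hypothetical, not kernel code. */
enum { STATE_START = 1,       /* interface is up ("running") */
       STATE_PRESENT = 2 };   /* hardware is still attached ("present") */
enum { NOT_AVAILABLE = -1,    /* model's "no speed to report" result */
       WOULD_OOPS = -1000 };  /* stands in for the NULL pointer dereference */
struct hw_regs { int link_speed; };
struct model_netdev { unsigned state; struct hw_regs *hw; }; /* hw is NULL after detach */

/* Driver-side query that touches hardware state. */
static int model_get_speed(const struct model_netdev *dev, int *speed)
{
    if (dev->hw == NULL)
        return WOULD_OOPS;    /* a real driver would dereference NULL here */
    *speed = dev->hw->link_speed;
    return 0;
}

/* Assumed condition before the fix: "running" alone gates the hardware query. */
int speed_show_unpatched(const struct model_netdev *dev, int *speed)
{
    if (dev->state & STATE_START)
        return model_get_speed(dev, speed);
    return NOT_AVAILABLE;
}

/* Condition after the fix: the device must be both running and present. */
int speed_show_patched(const struct model_netdev *dev, int *speed)
{
    if ((dev->state & STATE_START) && (dev->state & STATE_PRESENT))
        return model_get_speed(dev, speed);
    return NOT_AVAILABLE;
}

/* Shutdown path: hardware goes away while the interface is still flagged up. */
void model_detach(struct model_netdev *dev)
{
    dev->state &= ~(unsigned)STATE_PRESENT;
    dev->hw = NULL;
}
int main(void)
{
    struct hw_regs hw = { 10000 };  /* constructed sample speed */
    struct model_netdev dev = { STATE_START | STATE_PRESENT, &hw };
    int speed = 0;
    model_detach(&dev);
    printf("unpatched=%d patched=%d\n", speed_show_unpatched(&dev, &speed),
           speed_show_patched(&dev, &speed));
    return 0;
}
```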
Source: This report was generated using AI