CVE-2022-49692: 
Linux Kernel vulnerability analysis and mitigation

CVE-2022-49692 is a NULL pointer dereference vulnerability affecting the Linux kernel's network PHY driver (at803x) for AR9331 PHY and other related PHYs (QCA8081, QCA9561). The vulnerability was discovered and disclosed on February 26, 2025, affecting Linux kernel versions from 5.18 up to but not including 5.18.8, as well as version 5.19-rc1 through 5.19-rc3 (NVD).

The vulnerability occurs in the PHY interrupt configuration process where the kernel attempts to access an unallocated private data structure. This results in a NULL pointer dereference when the kernel tries to configure interrupts for the AR9331 PHY device. The issue stems from a dependency on allocated private data that wasn't properly initialized before access. The vulnerability has been assigned a CVSS v3.1 base score of 5.5 (Medium) with the vector string CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H (NVD).

When exploited, this vulnerability causes a kernel crash due to the NULL pointer dereference, leading to a denial of service condition. The issue specifically manifests during the PHY interrupt configuration process, affecting system stability and availability (Kernel Patch).

The vulnerability has been patched by adding proper probe and remove functions to the affected PHY drivers. The fix ensures that the private data structure is properly allocated before the interrupt configuration process. The patch has been implemented in the Linux kernel source code and is available through kernel updates (Kernel Patch).