CVE-2022-50272
📋 TL;DR
This vulnerability is a null pointer dereference in the Linux kernel's DVB USB driver for the AZ6027 device. It allows local attackers to cause a kernel panic (denial of service) by triggering a specific I2C transfer with a null buffer. Systems using the affected DVB USB driver are vulnerable.
💻 Affected Systems
- Linux kernel
📦 What is this software?
Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →⚠️ Risk & Real-World Impact
Worst Case
Kernel panic leading to system crash and denial of service, potentially requiring physical reboot.
Likely Case
Local denial of service through kernel crash when malicious I2C operations are performed.
If Mitigated
Minimal impact with proper access controls preventing unprivileged users from performing I2C operations.
🎯 Exploit Status
Requires local access and ability to perform I2C operations on the vulnerable device interface.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Kernel versions containing fix commits: 0ed554fd769a19ea8464bb83e9ac201002ef74ad and others listed in references
Vendor Advisory: https://git.kernel.org/stable/c/0ed554fd769a19ea8464bb83e9ac201002ef74ad
Restart Required: Yes
Instructions:
1. Update Linux kernel to version containing the fix. 2. For distributions: Use package manager (apt/yum/dnf) to update kernel package. 3. Reboot system to load new kernel.
🔧 Temporary Workarounds
Disable vulnerable module
LinuxBlacklist or disable the dvb_usb_az6027 kernel module
echo 'blacklist dvb_usb_az6027' >> /etc/modprobe.d/blacklist.conf
rmmod dvb_usb_az6027
🧯 If You Can't Patch
- Restrict access to I2C device files (/dev/i2c-*) to trusted users only
- Remove or disconnect AZ6027 DVB USB hardware if not needed
🔍 How to Verify
Check if Vulnerable:
Check if dvb_usb_az6027 module is loaded: lsmod | grep dvb_usb_az6027Check Version:
uname -rVerify Fix Applied:
Check kernel version against patched versions from distribution vendor📡 Detection & Monitoring
Log Indicators:
- Kernel panic messages
- null pointer dereference errors in kernel logs
- general protection fault errors
Network Indicators:
- None - local vulnerability only
SIEM Query:
kernel: "general protection fault" OR "null-ptr-deref" OR "KASAN: null-ptr-deref"🔗 References
- https://git.kernel.org/stable/c/0ed554fd769a19ea8464bb83e9ac201002ef74ad
- https://git.kernel.org/stable/c/210fcf64be4db82c0e190e74b5111e4eef661a7a
- https://git.kernel.org/stable/c/2b6a8a1a32746981044e7ab06649c804acb4068a
- https://git.kernel.org/stable/c/559891d430e3f3a178040c4371ed419edbfa7d65
- https://git.kernel.org/stable/c/6b60cf73a931af34b7a0a3f467a79d9fe0df2d70
- https://git.kernel.org/stable/c/6fbc44731a4665cbe92a5090e9804a388a72214b
- https://git.kernel.org/stable/c/7abfe467cd685f5da7ecb415441e45e3e4e2baa8
- https://git.kernel.org/stable/c/8b256d23361c51aa4b7fdb71176c1ca50966fb39
- https://git.kernel.org/stable/c/c712d1ccbfb787620422b437a5b8fac0802547bd
