CVE-2022-49930— RDMA/hns: Fix NULL pointer problem in free_mr_init()

EPSS 0.07% · P22 Updated May 13, 2026

Affected Version Matrix 6

Vendor	Product	Version Range	Status
Linux	Linux	`70f92521584f1d1e8268311ee84413307b0fdea8< 0e23e85d86b78e734dd6654f1b69fbaeb5534c81`	affected
		`70f92521584f1d1e8268311ee84413307b0fdea8< 12bcaf87d8b66d8cd812479c8a6349dcb245375c`	affected
		`5.18`	affected
		`< 5.18`	unaffected
		`6.0.8≤ 6.0.*`	unaffected
		`6.1≤ *`	unaffected

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2022-49930

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

RDMA/hns: Fix NULL pointer problem in free_mr_init()

Source: NVD (National Vulnerability Database)

Vulnerability Description

In the Linux kernel, the following vulnerability has been resolved: RDMA/hns: Fix NULL pointer problem in free_mr_init() Lock grab occurs in a concurrent scenario, resulting in stepping on a NULL pointer. It should be init mutex_init() first before use the lock. Unable to handle kernel NULL pointer dereference at virtual address 0000000000000000 Call trace: __mutex_lock.constprop.0+0xd0/0x5c0 __mutex_lock_slowpath+0x1c/0x2c mutex_lock+0x44/0x50 free_mr_send_cmd_to_hw+0x7c/0x1c0 [hns_roce_hw_v2] hns_roce_v2_dereg_mr+0x30/0x40 [hns_roce_hw_v2] hns_roce_dereg_mr+0x4c/0x130 [hns_roce_hw_v2] ib_dereg_mr_user+0x54/0x124 uverbs_free_mr+0x24/0x30 destroy_hw_idr_uobject+0x38/0x74 uverbs_destroy_uobject+0x48/0x1c4 uobj_destroy+0x74/0xcc ib_uverbs_cmd_verbs+0x368/0xbb0 ib_uverbs_ioctl+0xec/0x1a4 __arm64_sys_ioctl+0xb4/0x100 invoke_syscall+0x50/0x120 el0_svc_common.constprop.0+0x58/0x190 do_el0_svc+0x30/0x90 el0_svc+0x2c/0xb4 el0t_64_sync_handler+0x1a4/0x1b0 el0t_64_sync+0x19c/0x1a0

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

Linux kernel 安全漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Linux kernel是美国Linux基金会的开源操作系统Linux所使用的内核。 Linux kernel存在安全漏洞，该漏洞源于RDMA hns free_mr_init空指针问题，可能导致系统崩溃。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
Linux	Linux	70f92521584f1d1e8268311ee84413307b0fdea8 ~ 0e23e85d86b78e734dd6654f1b69fbaeb5534c81	-
Linux	Linux	5.18	-

II. Public POCs for CVE-2022-49930

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2022-49930

请登录查看更多情报信息。

Same Patch Batch · Linux · 2025-05-01 · 245 CVEs total

CVE-2022-49852		riscv: process: fix kernel info leakage
CVE-2022-49836		siox: fix possible memory leak in siox_device_add()
CVE-2022-49837		bpf: Fix memory leaks in __check_func_call
CVE-2022-49838		sctp: clear out_curr if all frag chunks of current msg are pruned
CVE-2022-49840		bpf, test_run: Fix alignment problem in bpf_prog_test_run_skb()
CVE-2022-49839		scsi: scsi_transport_sas: Fix error handling in sas_phy_add()
CVE-2022-49841		serial: imx: Add missing .thaw_noirq hook
CVE-2022-49842		ASoC: core: Fix use-after-free in snd_soc_exit()
CVE-2022-49844		can: dev: fix skb drop check
CVE-2022-49845		can: j1939: j1939_send_one(): fix missing CAN header initialization
CVE-2022-49846		udf: Fix a slab-out-of-bounds write bug in udf_find_entry()
CVE-2022-49847		net: ethernet: ti: am65-cpsw: Fix segmentation fault at module unload
CVE-2022-49849		btrfs: fix match incorrectly in dev_args_match_device
CVE-2022-49848		phy: qcom-qmp-combo: fix NULL-deref on runtime resume
CVE-2022-49850		nilfs2: fix deadlock in nilfs_count_free_blocks()
CVE-2022-49851		riscv: fix reserved memory setup
CVE-2022-49863		can: af_can: fix NULL pointer dereference in can_rx_register()
CVE-2022-49862		tipc: fix the msg->req tlv len check in tipc_nl_compat_name_table_dump_header
CVE-2022-49864		drm/amdkfd: Fix NULL pointer dereference in svm_migrate_to_ram()
CVE-2022-49861		dmaengine: mv_xor_v2: Fix a resource leak in mv_xor_v2_remove()

Showing top 20 of 245 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: Linux

Same vendor: Linux

V. Comments for CVE-2022-49930

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2022-49930— RDMA/hns: Fix NULL pointer problem in free_mr_init()

Affected Version Matrix 6

I. Basic Information for CVE-2022-49930

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2022-49930

III. Intelligence Information for CVE-2022-49930

Same Patch Batch · Linux · 2025-05-01 · 245 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2022-49930

Leave a comment